monitoring FR's EAP/PEAP capabilities...

tnt at kalik.net tnt at kalik.net
Tue Mar 24 21:20:46 CET 2009


>Has anyone written code to test FR's EAP/PEAP functionality that would
>work with MS-CHAPv2? I see that 'radeapclient' will do MD5, but need to
>monitor FreeRADIUS talking to its oracle though rlm_mschap. Something
>that tested just MS-CHAPv2 would be fine, too, although it seems like
>rlm_mschap only ever exists inside EAP in the standard FR configs.
>
>I'm just looking to see if attempting to write something like this would
>constitute "reinventing the wheel".
>

eapol_test from wpa_supplicant. JRadius Simulator.

Be aware that testing programs work properly when using DOMAIN\username
type logins. Windows is broken and will fail. You need to enable
ntdomain hack in mschap module for a real Windows supplicant (freeradius
debug will warn about this if such login name is detected - ignore the
warnings when testing).

Ivan Kalik
Kalik Informatika ISP




More information about the Freeradius-Users mailing list