PEAP MSCHAPv2 error..
Alan Buxey
A.L.M.Buxey at lboro.ac.uk
Tue Feb 8 22:10:29 CET 2011
Hi,
> Entered bob as username, testing123 as password
>
> I get No such realm 'NULL'
>
> So added
>
> ---------------------
> realm test {
> authhost = LOCAL
> accthost = LOCAL
> }
realm LOCAL {
}
realm NULL {
}
> Now I get rejected - the following from the debug output looks relevant
what is your 'users' entry file like for bob?
> [mschapv2] +- entering group MS-CHAP {...}
> [mschap] Told to do MS-CHAPv2 for bob at test with NT-Password
> [mschap] FAILED: MS-CHAP2-Response is incorrect
have you edited the modules/mschap file?
mschap {
use_mppe = yes
require_encryption = yes
require_strong = yes
with_ntdomain_hack = yes
#ntlm_auth = "/path/to/ntlm_auth --request-nt-key --username=%{Stripped-User-Name:-%{User-Name:-None}} --chal
lenge=%{mschap:Challenge:-00} --nt-response=%{mschap:NT-Response:-00}"
}
do you fire off
preprocess
suffix
ntdomain
in that order, in the authorize section of inner-tunnel?
> I'm doing something silly, no doubt - but what? Should this config just work out of the box?
it should do....I'm sure I've recently (sept last year) got a fresh 2.1.x server and slapped
SoH patches on and it just worked with Win7 client
alan
More information about the Freeradius-Users
mailing list