eapol_test giving up and win-like error?
NdK
ndk.clanbo at gmail.com
Mon Jan 23 09:35:52 CET 2012
Il 20/01/2012 11:55, Phil Mayers ha scritto:
> If that's really all you've changed, there must be something wrong with
> Samba; it's getting the final crypto blob wrong, and the client is
> dropping the packets. You'll need to investigate and fix this.
Just tested with radtest (have had to use single quotes and FOUR
backslashes! -- my password is obviously in $P):
# radtest -t mschap 'PERSONALE\\\\diego.zuccato' "$P" localhost 0 testing123
Sending Access-Request of id 123 to 127.0.0.1 port 1812
User-Name = "PERSONALE\\diego.zuccato"
NAS-IP-Address = 127.0.1.1
NAS-Port = 0
MS-CHAP-Challenge = 0x7f218889d9de0c84
MS-CHAP-Response =
0x000100000000000000000000000000000000000000000000000015ea491108aa02bb34b5fe79918a67cd8a7b069240091194
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=123,
length=84
MS-CHAP-MPPE-Keys =
0x00000000000000003b1acd0b65d7af221df50f6ca50447cf0000000000000000
MS-MPPE-Encryption-Policy = 0x00000001
MS-MPPE-Encryption-Types = 0x00000006
And the Access-Accept is quite fast.
When using eapol_test, I get the timeout.
The difference is that radtest seems to use mschapv1 while eapol_test
uses mschapv2.
What could be so wrong that v1 works and v2 doesn't? IIUC v2 includes
username and client nonce in the authenticator, while v1 doesn't.
BYtE,
Diego.
More information about the Freeradius-Users
mailing list