How to connect to PAP or how to use PEAP with Google LDAP?

Alan DeKok aland at deployingradius.com
Fri Jan 17 13:51:07 CET 2020


On Jan 17, 2020, at 7:45 AM, Mathias Maes <mathias.maes at maerlantatheneum.be> wrote:
> 
> Ok, I understand. So I tried to select TTLS -> PAP protocol on my Android
> device and tried to connect.
> I'm really unable to find the User-Password field, and freeradius doesn't
> seem to find it either, as I see this rule:
> *(1)     if (User-Password)  -> FALSE*

  That's fine, because the outer session is EAP, and doesn't contain a User-Password.

> ...
> (1) Using Post-Auth-Type Challenge
> (1) # Executing group from file /etc/freeradius/3.0/sites-enabled/default
> (1)   Challenge { ... } # empty sub-section is ignored
> (1) Sent Access-Challenge Id 19 from 172.16.88.201:1812 to
> 172.16.8.193:52231 length 0
> (1)   EAP-Message = 0x013600061520
> (1)   Message-Authenticator = 0x00000000000000000000000000000000
> (1)   State = 0xef29b26eee1fa71d4dd2be9575dab580
> (1) Finished request
> Waking up in 2.7 seconds.
> (1) Sending duplicate reply to client TestAP port 52231 - ID: 19
> Waking up in 2.7 seconds.
> (0) Cleaning up request packet ID 18 with timestamp +81
> Waking up in 7.2 seconds.
> (1) Cleaning up request packet ID 19 with timestamp +81
> Ready to process requests

  The supplicant (Android device) is supposed to send the next packet.  It didn't.  Find out why it stopped doing EAP.

  There are instructions on my web site for doing EAP testing: http://deployingradius.com

  Follow them first.  If that works, then you know that FreeRADIUS is configured correctly.  If the Android device still doesn't work, then the Android device needs to be configured correctly.

  Alan DeKok.




More information about the Freeradius-Users mailing list