Connection Failure with PEAP0/1 with MSCHAPv2
mcn at freeradius.org
Wed May 13 11:23:36 CEST 2020
On 13/05/2020 09:17, Ammann, Lukas wrote:
> If i disable certificate validation on Win, Ubuntu and Android, the devices connect successfully.
Not a good idea, but for testing things, OK.
> The embedded device (TI CC3100MOD) however, also has disabled certification validation, but is unable to connect to the server.
It doesn't get as far as checking any certificates.
> I post the debug log output from freeradius below, can someone explain here where is goes wrong based in the log info?
> (52) eap: Peer sent packet with method EAP Identity (1)
> (52) eap: Calling submodule eap_md5 to process data
> (52) eap_md5: Issuing MD5 Challenge
> (53) eap: Peer sent packet with method EAP NAK (3)
> (53) eap: Found mutually acceptable type PEAP (25)
> (53) eap: Calling submodule eap_peap to process data
Set the default EAP type to peap and you'll save one round trip.
> (54) eap: Peer sent packet with method EAP NAK (3)
> (54) eap: Peer NAK'd indicating it is not willing to continue
> (54) eap: Sending EAP Failure (code 4) ID 2 length 4
You need to look in the logs on the device to see why it's not willing
to continue. It hasn't even got as far as exchanging certificates.
More information about the Freeradius-Users