Testing mschapv2 with custom radius attributes
Munroe Sollog
mus3 at lehigh.edu
Mon Oct 12 19:29:16 CEST 2020
radclient does do a better job of sending the attributes as expected,
however I can't figure out how to construct a PEAP-mschapv2 packet to
actually allow the auth to succeed.
I think https://wiki.freeradius.org/config/Radclient assumes a more
comprehensive level of understanding than I have.
On Mon, Oct 12, 2020 at 1:01 PM Alan DeKok <aland at deployingradius.com>
wrote:
>
> On Oct 12, 2020, at 12:56 PM, Munroe Sollog <mus3 at lehigh.edu> wrote:
> >
> > I'm trying to set Aruba-Essid-Name using the -N option in the eapol_test
> > command. It says I need to use the numeric ID of the attribute. When I
> > look at the dictionary.aruba file the VENDOR is "14823" and the
> > Aruba-Essid-Name is "5". If I am interpreting this correctly I would do
> > something like:
> >
> > eapol_test -c /etc/eapol_test.conf -a 192.168.10.10 -ss3cr3t
> > -N148235:s:myessid
>
> Unfortunately we didn't write eapol_test, and have very little to offer
> here.
>
> What is clear is that you can't simple concatenate "14823" and "5", to
> get "148235", and then expect eapol_test to figure out what you meant.
>
> If you're just doing MS-CHAPv2, then use "radclient". It is included
> with FreeRADIUS, it supports MS-CHAPv2, and it supports VSAs.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
--
Munroe Sollog (He/Him/His)
Senior Network Engineer
munroe at lehigh.edu
More information about the Freeradius-Users
mailing list