<html xmlns:m="http://schemas.microsoft.com/office/2004/12/omml">
<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 10 (filtered)">
<style>
<!--a:link
{mso-style-priority:99;}
span.MSOHYPERLINK
{mso-style-priority:99;}
a:visited
{mso-style-priority:99;}
span.MSOHYPERLINKFOLLOWED
{mso-style-priority:99;}
p.MSOACETATE
{mso-style-priority:99;}
li.MSOACETATE
{mso-style-priority:99;}
div.MSOACETATE
{mso-style-priority:99;}
span.BALLOONTEXTCHAR
{mso-style-priority:99;}
/* Font Definitions */
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Baskerville Old Face";}
@font-face
{font-family:"Edwardian Script ITC";}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
span.BalloonTextChar
{font-family:Tahoma;}
p.msoacetate, li.msoacetate, div.msoacetate
{margin:0in;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:Tahoma;}
span.emailstyle17
{font-family:Arial;
color:windowtext;}
span.emailstyle18
{font-family:Arial;
color:navy;}
span.EmailStyle22
{font-family:Calibri;
color:#1F497D;}
span.EmailStyle23
{font-family:Arial;
color:navy;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
{page:Section1;}
-->
</style>
</head>
<body lang=EN-US link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Hi Jake,</span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>The only light I can shed on my issue is a
tale of self-inflected aggravation. It seems I was using the wrong XP
supplicant, hence the wrong root certificate, and this oversight prevented the </span></font><font
size=2 color=navy face=Arial><span style='font-size:10.0pt;font-family:Arial;
color:navy'>TLS</span></font><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'> tunnel from coming
up. I got a good FreeRadius log for PEAP-MS-Chapv2 on the internet a went
through it line by line, comparing it to my log, until I noticed that the </span></font><font
size=2 color=navy face=Arial><span style='font-size:10.0pt;font-family:Arial;
color:navy'>TLS</span></font><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'> tunnel never came up in
my setup. It was then I realized my error and fixed. </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Regards,</span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>John</span></font></p>
<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal style='margin-left:.5in'><font size=2 face=Tahoma><span
style='font-size:10.0pt;font-family:Tahoma'>-----Original Message-----<br>
<b><span style='font-weight:bold'>From:</span></b> freeradius-users-bounces+jhanavan=avaya.com@lists.freeradius.org
[mailto:freeradius-users-bounces+jhanavan=avaya.com@lists.freeradius.org] <b><span
style='font-weight:bold'>On Behalf Of </span></b>Sallee, Stephen (Jake)<br>
<b><span style='font-weight:bold'>Sent:</span></b> Wednesday, January 19, 2011
8:51 PM<br>
<b><span style='font-weight:bold'>To:</span></b> FreeRadius users mailing list<br>
<b><span style='font-weight:bold'>Subject:</span></b> RE: Issue with local
authentication of MS-ChapV2</span></font></p>
<p class=MsoNormal style='margin-left:.5in'><font size=3 face="Times New Roman"><span
style='font-size:12.0pt'> </span></font></p>
<p class=MsoNormal style='margin-left:.5in'><font size=2 color="#1f497d"
face=Calibri><span style='font-size:11.0pt;font-family:Calibri;color:#1F497D'>Glad
to hear you solved it, care to share so we can all benefit ?</span></font></p>
<p class=MsoNormal style='margin-left:.5in'><font size=2 color="#1f497d"
face=Calibri><span style='font-size:11.0pt;font-family:Calibri;color:#1F497D'> </span></font></p>
<div>
<p class=MsoNormal style='margin-left:.5in'><font size=6 color="#1f497d"
face="Edwardian Script ITC"><span style='font-size:24.0pt;font-family:"Edwardian Script ITC";
color:#1F497D'>Jake Sallee</span></font></p>
<p class=MsoNormal style='margin-left:.5in'><font size=2 color="#1f497d"
face="Baskerville Old Face"><span style='font-size:11.0pt;font-family:"Baskerville Old Face";
color:#1F497D'>Godfather Of Bandwidth</span></font></p>
<p class=MsoNormal style='margin-left:.5in'><font size=2 color="#1f497d"
face="Baskerville Old Face"><span style='font-size:11.0pt;font-family:"Baskerville Old Face";
color:#1F497D'>Network Engineer</span></font></p>
<p class=MsoNormal style='margin-left:.5in'><font size=2 color="#1f497d"
face="Baskerville Old Face"><span style='font-size:11.0pt;font-family:"Baskerville Old Face";
color:#1F497D'> </span></font></p>
<p class=MsoNormal style='margin-left:.5in'><font size=2 color="#1f497d"
face="Baskerville Old Face"><span style='font-size:11.0pt;font-family:"Baskerville Old Face";
color:#1F497D'>Fone: 254-295-4658</span></font></p>
<p class=MsoNormal style='margin-left:.5in'><font size=2 color="#1f497d"
face="Baskerville Old Face"><span style='font-size:11.0pt;font-family:"Baskerville Old Face";
color:#1F497D'>Phax: 254-295-4221</span></font></p>
<p class=MsoNormal style='margin-left:.5in'><font size=2 color="#1f497d"
face="Baskerville Old Face"><span style='font-size:11.0pt;font-family:"Baskerville Old Face";
color:#1F497D'> </span></font></p>
</div>
<p class=MsoNormal style='margin-left:.5in'><font size=2 color="#1f497d"
face=Calibri><span style='font-size:11.0pt;font-family:Calibri;color:#1F497D'> </span></font></p>
<div>
<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'>
<p class=MsoNormal style='margin-left:.5in'><b><font size=2 face=Tahoma><span
style='font-size:10.0pt;font-family:Tahoma;font-weight:bold'>From:</span></font></b><font
size=2 face=Tahoma><span style='font-size:10.0pt;font-family:Tahoma'>
freeradius-users-bounces+jake.sallee=umhb.edu@lists.freeradius.org
[mailto:freeradius-users-bounces+jake.sallee=umhb.edu@lists.freeradius.org] <b><span
style='font-weight:bold'>On Behalf Of </span></b>Hanavan, John (John)<br>
<b><span style='font-weight:bold'>Sent:</span></b> Wednesday, January 19, 2011
6:18 PM<br>
<b><span style='font-weight:bold'>To:</span></b> 'FreeRadius users mailing
list'<br>
<b><span style='font-weight:bold'>Subject:</span></b> RE: Issue with local
authentication of MS-ChapV2</span></font></p>
</div>
</div>
<p class=MsoNormal style='margin-left:.5in'><font size=3 face="Times New Roman"><span
style='font-size:12.0pt'> </span></font></p>
<p class=MsoNormal style='margin-left:.5in'><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'>Hi All,</span></font></p>
<p class=MsoNormal style='margin-left:.5in'><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal style='margin-left:.5in'><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'>We solved the issue in
house.</span></font></p>
<p class=MsoNormal style='margin-left:.5in'><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal style='margin-left:.5in'><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'>Regards,</span></font></p>
<p class=MsoNormal style='margin-left:.5in'><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'>John</span></font></p>
<p class=MsoNormal style='margin-left:.5in'><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'> </span></font></p>
<p class=MsoNormal style='margin-left:1.0in'><font size=2 face=Tahoma><span
style='font-size:10.0pt;font-family:Tahoma'>-----Original Message-----<br>
<b><span style='font-weight:bold'>From:</span></b>
freeradius-users-bounces+jhanavan=avaya.com@lists.freeradius.org
[mailto:freeradius-users-bounces+jhanavan=avaya.com@lists.freeradius.org] <b><span
style='font-weight:bold'>On Behalf Of </span></b>Hanavan, John (John)<br>
<b><span style='font-weight:bold'>Sent:</span></b> Wednesday, January 19, 2011
3:56 PM<br>
<b><span style='font-weight:bold'>To:</span></b>
'freeradius-users@lists.freeradius.org'<br>
<b><span style='font-weight:bold'>Subject:</span></b> Issue with local
authentication of MS-ChapV2</span></font></p>
<p class=MsoNormal style='margin-left:1.0in'><font size=3 face="Times New Roman"><span
style='font-size:12.0pt'> </span></font></p>
<p class=MsoNormal style='margin-left:1.0in;text-autospace:none'><font size=2
face=Arial><span style='font-size:10.0pt;font-family:Arial'>I am trying to get
PEAP/MS-ChapV2 working on my Radius Server. The version I am using is
FreeRadius 2.1.8. I already have EAP-TLS working between a FreeRadius
Server and an XP supplicant, so I am pretty sure that my certificates are
configured correctly on the FreeRadius Server as well as the XP supplicant that
I am trying to configure PEAP/MS-ChapV2 on. I have attached the
FreeRadius debug log from one of my attempted connections. It appears
that the EAP-TLS tunnel comes up but the MS-ChapV2 authentication fails.
I did see this warning:</span></font></p>
<p class=MsoNormal style='margin-left:1.0in;text-autospace:none'><font size=2
face=Arial><span style='font-size:10.0pt;font-family:Arial'> </span></font></p>
<p class=MsoNormal style='margin-left:1.0in;text-autospace:none'><font size=2
face=Arial><span style='font-size:10.0pt;font-family:Arial'>Warning: Found
2 auth-types on request for user 'jsmith1'</span></font></p>
<p class=MsoNormal style='margin-left:1.0in;text-autospace:none'><font size=2
face=Arial><span style='font-size:10.0pt;font-family:Arial'> </span></font></p>
<p class=MsoNormal style='margin-left:1.0in;text-autospace:none'><font size=2
face=Arial><span style='font-size:10.0pt;font-family:Arial'>But I am uncertain
what it means and how to correct it. As stated earlier, I am trying to
use local authentication for the MS-ChapV2 and this seems to be the point of
failure. I have a packet capture between the Radius Server and the
authenticator showing Radius Access Challenges and Requests but no Access
Accepts. Not sure what I have mis-configured, so any suggestions would be
greatly appreciated.</span></font></p>
<p class=MsoNormal style='margin-left:1.0in;text-autospace:none'><font size=2
face=Arial><span style='font-size:10.0pt;font-family:Arial'> </span></font></p>
<p class=MsoNormal style='margin-left:1.0in;text-autospace:none'><font size=2
face=Arial><span style='font-size:10.0pt;font-family:Arial'>Regards,</span></font></p>
<p class=MsoNormal style='margin-left:1.0in;text-autospace:none'><font size=2
face=Arial><span style='font-size:10.0pt;font-family:Arial'>John</span></font></p>
<p class=MsoNormal style='margin-left:1.0in'><font size=2 face=Arial><span
style='font-size:10.0pt;font-family:Arial'> </span></font></p>
</div>
</body>
</html>