<html xmlns:m="http://schemas.microsoft.com/office/2004/12/omml">

<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=Generator content="Microsoft Word 10 (filtered)">

<style>
<!--a:link
        {mso-style-priority:99;}
span.MSOHYPERLINK
        {mso-style-priority:99;}
a:visited
        {mso-style-priority:99;}
span.MSOHYPERLINKFOLLOWED
        {mso-style-priority:99;}
p.MSOACETATE
        {mso-style-priority:99;}
li.MSOACETATE
        {mso-style-priority:99;}
div.MSOACETATE
        {mso-style-priority:99;}
span.BALLOONTEXTCHAR
        {mso-style-priority:99;}

 /* Font Definitions */
 @font-face
        {font-family:Tahoma;
        panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:"Baskerville Old Face";}
@font-face
        {font-family:"Edwardian Script ITC";}
 /* Style Definitions */
 p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:12.0pt;
        font-family:"Times New Roman";}
a:link, span.MsoHyperlink
        {color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {color:purple;
        text-decoration:underline;}
span.BalloonTextChar
        {font-family:Tahoma;}
p.msoacetate, li.msoacetate, div.msoacetate
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:8.0pt;
        font-family:Tahoma;}
span.emailstyle17
        {font-family:Arial;
        color:windowtext;}
span.emailstyle18
        {font-family:Arial;
        color:navy;}
span.EmailStyle22
        {font-family:Calibri;
        color:#1F497D;}
span.EmailStyle23
        {font-family:Arial;
        color:navy;}
@page Section1
        {size:8.5in 11.0in;
        margin:1.0in 1.25in 1.0in 1.25in;}
div.Section1
        {page:Section1;}
-->
</style>

</head>

<body lang=EN-US link=blue vlink=purple>

<div class=Section1>

<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Hi Jake,</span></font></p>

<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>

<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>The only light I can shed on my issue is a
tale of self-inflected aggravation.  It seems I was using the wrong XP
supplicant, hence the wrong root certificate, and this oversight prevented the </span></font><font
 size=2 color=navy face=Arial><span style='font-size:10.0pt;font-family:Arial;
 color:navy'>TLS</span></font><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'> tunnel from coming
up.  I got a good FreeRadius log for PEAP-MS-Chapv2 on the internet a went
through it line by line, comparing it to my log, until I noticed that the </span></font><font
 size=2 color=navy face=Arial><span style='font-size:10.0pt;font-family:Arial;
 color:navy'>TLS</span></font><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'> tunnel never came up in
my setup.  It was then I realized my error and fixed.  </span></font></p>

<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>

<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>Regards,</span></font></p>

<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'>John</span></font></p>

<p class=MsoNormal><font size=2 color=navy face=Arial><span style='font-size:
10.0pt;font-family:Arial;color:navy'> </span></font></p>

<p class=MsoNormal style='margin-left:.5in'><font size=2 face=Tahoma><span
style='font-size:10.0pt;font-family:Tahoma'>-----Original Message-----<br>
<b><span style='font-weight:bold'>From:</span></b> freeradius-users-bounces+jhanavan=avaya.com@lists.freeradius.org
[mailto:freeradius-users-bounces+jhanavan=avaya.com@lists.freeradius.org] <b><span
style='font-weight:bold'>On Behalf Of </span></b>Sallee, Stephen (Jake)<br>
<b><span style='font-weight:bold'>Sent:</span></b> Wednesday, January 19, 2011
8:51 PM<br>
<b><span style='font-weight:bold'>To:</span></b> FreeRadius users mailing list<br>
<b><span style='font-weight:bold'>Subject:</span></b> RE: Issue with local
authentication of MS-ChapV2</span></font></p>

<p class=MsoNormal style='margin-left:.5in'><font size=3 face="Times New Roman"><span
style='font-size:12.0pt'> </span></font></p>

<p class=MsoNormal style='margin-left:.5in'><font size=2 color="#1f497d"
face=Calibri><span style='font-size:11.0pt;font-family:Calibri;color:#1F497D'>Glad
to hear you solved it, care to share so we can all benefit ?</span></font></p>

<p class=MsoNormal style='margin-left:.5in'><font size=2 color="#1f497d"
face=Calibri><span style='font-size:11.0pt;font-family:Calibri;color:#1F497D'> </span></font></p>

<div>

<p class=MsoNormal style='margin-left:.5in'><font size=6 color="#1f497d"
face="Edwardian Script ITC"><span style='font-size:24.0pt;font-family:"Edwardian Script ITC";
color:#1F497D'>Jake Sallee</span></font></p>

<p class=MsoNormal style='margin-left:.5in'><font size=2 color="#1f497d"
face="Baskerville Old Face"><span style='font-size:11.0pt;font-family:"Baskerville Old Face";
color:#1F497D'>Godfather Of Bandwidth</span></font></p>

<p class=MsoNormal style='margin-left:.5in'><font size=2 color="#1f497d"
face="Baskerville Old Face"><span style='font-size:11.0pt;font-family:"Baskerville Old Face";
color:#1F497D'>Network Engineer</span></font></p>

<p class=MsoNormal style='margin-left:.5in'><font size=2 color="#1f497d"
face="Baskerville Old Face"><span style='font-size:11.0pt;font-family:"Baskerville Old Face";
color:#1F497D'> </span></font></p>

<p class=MsoNormal style='margin-left:.5in'><font size=2 color="#1f497d"
face="Baskerville Old Face"><span style='font-size:11.0pt;font-family:"Baskerville Old Face";
color:#1F497D'>Fone: 254-295-4658</span></font></p>

<p class=MsoNormal style='margin-left:.5in'><font size=2 color="#1f497d"
face="Baskerville Old Face"><span style='font-size:11.0pt;font-family:"Baskerville Old Face";
color:#1F497D'>Phax: 254-295-4221</span></font></p>

<p class=MsoNormal style='margin-left:.5in'><font size=2 color="#1f497d"
face="Baskerville Old Face"><span style='font-size:11.0pt;font-family:"Baskerville Old Face";
color:#1F497D'> </span></font></p>

</div>

<p class=MsoNormal style='margin-left:.5in'><font size=2 color="#1f497d"
face=Calibri><span style='font-size:11.0pt;font-family:Calibri;color:#1F497D'> </span></font></p>

<div>

<div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in'>

<p class=MsoNormal style='margin-left:.5in'><b><font size=2 face=Tahoma><span
style='font-size:10.0pt;font-family:Tahoma;font-weight:bold'>From:</span></font></b><font
size=2 face=Tahoma><span style='font-size:10.0pt;font-family:Tahoma'>
freeradius-users-bounces+jake.sallee=umhb.edu@lists.freeradius.org
[mailto:freeradius-users-bounces+jake.sallee=umhb.edu@lists.freeradius.org] <b><span
style='font-weight:bold'>On Behalf Of </span></b>Hanavan, John (John)<br>
<b><span style='font-weight:bold'>Sent:</span></b> Wednesday, January 19, 2011
6:18 PM<br>
<b><span style='font-weight:bold'>To:</span></b> 'FreeRadius users mailing
list'<br>
<b><span style='font-weight:bold'>Subject:</span></b> RE: Issue with local
authentication of MS-ChapV2</span></font></p>

</div>

</div>

<p class=MsoNormal style='margin-left:.5in'><font size=3 face="Times New Roman"><span
style='font-size:12.0pt'> </span></font></p>

<p class=MsoNormal style='margin-left:.5in'><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'>Hi All,</span></font></p>

<p class=MsoNormal style='margin-left:.5in'><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'> </span></font></p>

<p class=MsoNormal style='margin-left:.5in'><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'>We solved the issue in
house.</span></font></p>

<p class=MsoNormal style='margin-left:.5in'><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'> </span></font></p>

<p class=MsoNormal style='margin-left:.5in'><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'>Regards,</span></font></p>

<p class=MsoNormal style='margin-left:.5in'><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'>John</span></font></p>

<p class=MsoNormal style='margin-left:.5in'><font size=2 color=navy face=Arial><span
style='font-size:10.0pt;font-family:Arial;color:navy'> </span></font></p>

<p class=MsoNormal style='margin-left:1.0in'><font size=2 face=Tahoma><span
style='font-size:10.0pt;font-family:Tahoma'>-----Original Message-----<br>
<b><span style='font-weight:bold'>From:</span></b>
freeradius-users-bounces+jhanavan=avaya.com@lists.freeradius.org
[mailto:freeradius-users-bounces+jhanavan=avaya.com@lists.freeradius.org] <b><span
style='font-weight:bold'>On Behalf Of </span></b>Hanavan, John (John)<br>
<b><span style='font-weight:bold'>Sent:</span></b> Wednesday, January 19, 2011
3:56 PM<br>
<b><span style='font-weight:bold'>To:</span></b>
'freeradius-users@lists.freeradius.org'<br>
<b><span style='font-weight:bold'>Subject:</span></b> Issue with local
authentication of MS-ChapV2</span></font></p>

<p class=MsoNormal style='margin-left:1.0in'><font size=3 face="Times New Roman"><span
style='font-size:12.0pt'> </span></font></p>

<p class=MsoNormal style='margin-left:1.0in;text-autospace:none'><font size=2
face=Arial><span style='font-size:10.0pt;font-family:Arial'>I am trying to get
PEAP/MS-ChapV2 working on my Radius Server.  The version I am using is
FreeRadius 2.1.8.  I already have EAP-TLS working between a FreeRadius
Server and an XP supplicant, so I am pretty sure that my certificates are
configured correctly on the FreeRadius Server as well as the XP supplicant that
I am trying to configure PEAP/MS-ChapV2 on.  I have attached the
FreeRadius debug log from one of my attempted connections.  It appears
that the EAP-TLS tunnel comes up but the MS-ChapV2 authentication fails. 
I did see this warning:</span></font></p>

<p class=MsoNormal style='margin-left:1.0in;text-autospace:none'><font size=2
face=Arial><span style='font-size:10.0pt;font-family:Arial'> </span></font></p>

<p class=MsoNormal style='margin-left:1.0in;text-autospace:none'><font size=2
face=Arial><span style='font-size:10.0pt;font-family:Arial'>Warning:  Found
2 auth-types on request for user 'jsmith1'</span></font></p>

<p class=MsoNormal style='margin-left:1.0in;text-autospace:none'><font size=2
face=Arial><span style='font-size:10.0pt;font-family:Arial'> </span></font></p>

<p class=MsoNormal style='margin-left:1.0in;text-autospace:none'><font size=2
face=Arial><span style='font-size:10.0pt;font-family:Arial'>But I am uncertain
what it means and how to correct it.  As stated earlier, I am trying to
use local authentication for the MS-ChapV2 and this seems to be the point of
failure.  I have a packet capture between the Radius Server and the
authenticator showing Radius Access Challenges and Requests but no Access
Accepts.  Not sure what I have mis-configured, so any suggestions would be
greatly appreciated.</span></font></p>

<p class=MsoNormal style='margin-left:1.0in;text-autospace:none'><font size=2
face=Arial><span style='font-size:10.0pt;font-family:Arial'> </span></font></p>

<p class=MsoNormal style='margin-left:1.0in;text-autospace:none'><font size=2
face=Arial><span style='font-size:10.0pt;font-family:Arial'>Regards,</span></font></p>

<p class=MsoNormal style='margin-left:1.0in;text-autospace:none'><font size=2
face=Arial><span style='font-size:10.0pt;font-family:Arial'>John</span></font></p>

<p class=MsoNormal style='margin-left:1.0in'><font size=2 face=Arial><span
style='font-size:10.0pt;font-family:Arial'> </span></font></p>

</div>

</body>

</html>