<div dir="ltr">Hi<div style>I am trying to set up a WPA2 Enterprise protected network with FreeRadius as the radius server.</div><div style>I have configured everything and it was working fine. Then I realised that I need to use LEAP to replicate a specific environment to test.</div>
<div style><br></div><div style>I am struggling with this for the entire day, I tried many different configurations but nothing seems to help.</div><div style><br></div><div style>Basically nothing happens after the Access-Challenge message is sent to the router.</div>
<div style><br></div><div style>Does anyone have experience getting LEAP to work with DD-WRT and FreeRadius?</div><div style><br></div><div style>Thanks in advance.</div><div style><br></div><div style>Below is the log:</div>
<div style><br></div><div style>--- SNIP --</div><div style><div>rad_recv: Access-Request packet from host 10.0.1.131 port 54801, id=12, length=195</div><div><span class="" style="white-space:pre"> </span>User-Name = "u"</div>
<div><span class="" style="white-space:pre"> </span>NAS-IP-Address = 10.0.1.131</div><div><span class="" style="white-space:pre"> </span>NAS-Port = 1</div><div><span class="" style="white-space:pre"> </span>Called-Station-Id = "B8-A3-86-67-24-82:XXX"</div>
<div><span class="" style="white-space:pre"> </span>Calling-Station-Id = "F4-1B-A1-91-45-3B"</div><div><span class="" style="white-space:pre"> </span>Framed-MTU = 1400</div><div><span class="" style="white-space:pre"> </span>NAS-Port-Type = Wireless-802.11</div>
<div><span class="" style="white-space:pre"> </span>Connect-Info = "CONNECT 54Mbps 802.11g"</div><div><span class="" style="white-space:pre"> </span>EAP-Message = 0x027d0021110100188fa7a89c2cd5242f7ab0b864429deef700468c0b7c4fcc2575</div>
<div><span class="" style="white-space:pre"> </span>State = 0x42737061420e616797f7f81cea17822d</div><div><span class="" style="white-space:pre"> </span>Message-Authenticator = 0x0d4a57a752036588d9c4bd197ef5ab86</div><div>
# Executing section authorize from file /etc/freeradius/sites-enabled/default</div><div>+- entering group authorize {...}</div><div>++[preprocess] returns ok</div><div>++[chap] returns noop</div><div>++[mschap] returns noop</div>
<div>[suffix] No '@' in User-Name = "u", looking up realm NULL</div><div>[suffix] No such realm "NULL"</div><div>++[suffix] returns noop</div><div>[eap] EAP packet type response id 125 length 33</div>
<div>[eap] No EAP Start, assuming it's an on-going EAP conversation</div><div>++[eap] returns updated</div><div>[files] users: Matched entry u at line 81</div><div>++[files] returns ok</div><div>++[expiration] returns noop</div>
<div>++[logintime] returns noop</div><div>[pap] WARNING: Auth-Type already set. Not setting to PAP</div><div>++[pap] returns noop</div><div>Found Auth-Type = EAP</div><div># Executing group from file /etc/freeradius/sites-enabled/default</div>
<div>+- entering group authenticate {...}</div><div>[eap] Request found, released from the list</div><div>[eap] EAP/leap</div><div>[eap] processing type leap</div><div> rlm_eap_leap: Stage 4</div><div> rlm_eap_leap: NtChallengeResponse from AP is valid</div>
<div>[eap] Underlying EAP-Type set EAP ID to 126</div><div>++[eap] returns ok</div><div># Executing section post-auth from file /etc/freeradius/sites-enabled/default</div><div>+- entering group post-auth {...}</div><div>++[exec] returns noop</div>
<div>Sending Access-Challenge of id 12 to 10.0.1.131 port 54801</div><div><span class="" style="white-space:pre"> </span>EAP-Message = 0x037e0004</div><div><span class="" style="white-space:pre"> </span>Message-Authenticator = 0x00000000000000000000000000000000</div>
<div><span class="" style="white-space:pre"> </span>State = 0x42737061430d616797f7f81cea17822d</div><div>Finished request 5.</div><div>Going to the next request</div><div>Waking up in 4.9 seconds.</div><div>Cleaning up request 4 ID 11 with timestamp +127</div>
<div>Cleaning up request 5 ID 12 with timestamp +127</div><div>Ready to process requests.</div><div style>-- END OF SNIP --</div></div></div>