8 Nov
2017
8 Nov
'17
6:53 p.m.
I've configured and tested the EAP-PEAP MSCHAPv2 basic example as documented with FreeRADIUS 3.0.12 using a Windows 10 supplicant configured for WPA2 Enterprise. Instead of using the FreeRADIUS users file for authentication, I want to use a custom Python module in the inner-tunnel (I presume) to authenticate the user with a REST API. 1) How do I know in the Python module when to get in the middle of the multi-step eap authentication without causing problems? 2) How do I get the User-Password? I've seen posts that suggest the User-Password might be sent encrypted in the EAP-Message. If that's the case: 3) How do I know how to decrypt the EAP-Message? 4) Anything else I need to know? Thanks, Gary