Hi,
I configured Freeradius 2.1.10 Debian 6.0.2 using EAP-TLS authentication. I generated the client and server certificated with XP extention. I created my certificated in the freeradius server, is that ok? or I have to create it in a different machine? I am validating my client (Windows XP) with the server and I get this error:
the answers are in the debug output you posted.....just go through the 'PEAP ping/pong' until the inner-tunnel ahs been established and the actual auth is done....its near the bottom..
[mschapv2] +- entering group MS-CHAP {...} [mschap] No Cleartext-Password configured. Cannot create LM-Password. [mschap] No Cleartext-Password configured. Cannot create NT-Password. [mschap] NT Domain delimeter found, should we have enabled with_ntdomain_hack? [mschap] Creating challenge hash with username: PDVSA2000\TORREALBAW [mschap] Told to do MS-CHAPv2 for PDVSA2000\TORREALBAW with NT-Password [mschap] FAILED: No NT/LM-Password. Cannot perform authentication. [mschap] FAILED: MS-CHAP2-Response is incorrect
have you set with_ntdomain_hack = yes ? have you configured the RADIUS so that the realm PDVSA2000 is known (add it to proxy.conf like realm PDVSA2000 { } alan