Hi,
I have been using FreeRADIUS for some time now to do simple MAC authentication for the original implementation of our wireless network. This of course was a temporary solution and I am trying to move all of the users over to PEAP Authentication.
okay. you'd be much better off with recent version of the server/daemon..but still. by the looks of it, almost everything is fine - barring the final check of the use r- HOW are you attempting to authorise the users? I ask because the main issue i see from debug is
rlm_eap: EAP/mschapv2 rlm_eap: processing type mschapv2 Processing the authenticate section of radiusd.conf modcall: entering group MS-CHAP for request 8 rlm_mschap: No User-Password configured. Cannot create LM-Password. rlm_mschap: No User-Password configured. Cannot create NT-Password. rlm_mschap: Told to do MS-CHAPv2 for C12660 with NT-Password rlm_mschap: FAILED: No NT/LM-Password. Cannot perform authentication. rlm_mschap: FAILED: MS-CHAP2-Response is incorrect modcall[authenticate]: module "mschap" returns reject for request 8 modcall: leaving group MS-CHAP (returns reject) for request 8 rlm_eap: Freeing handler
this means the inner tunnel part of the PEAP (MSCHAPv2) is failing because it knows not the way of dealing with the password supplied (if any!) so, you can either put a password into a DB or plain file (users) or you can use eg ntlm_auth to so a challenge response check alan