Below is the whole output. I have two questions: 1. Is this correct because I kinda think this is the problem. --> peap { default_eap_type = "mschapv2" copy_request_to_tunnel = yes use_tunneled_reply = yes proxy_tunneled_request_as_eap = yes }
2. How can I tell what MSCHAPv2 didn't like about the previous packet? I still believe it is a password styled issue. I have tried NT hash, cleartext, etc. nothing works.
Any help would be greatly appriecated! Thanks.
Starting - reading configuration files ... including configuration file /usr/local/etc/raddb/radiusd.conf including configuration file /usr/local/etc/raddb/proxy.conf including configuration file /usr/local/etc/raddb/clients.conf including configuration file /usr/local/etc/raddb/snmp.conf including configuration file /usr/local/etc/raddb/eap.conf including configuration file /usr/local/etc/raddb/sql.conf including configuration file /usr/local/etc/raddb/sql/mysql/dialup.conf including configuration file /usr/local/etc/raddb/sql/mysql/counter.conf including configuration file /usr/local/etc/raddb/policy.conf including files in directory /usr/local/etc/raddb/sites-enabled/ including configuration file /usr/local/etc/raddb/sites-enabled/default including dictionary file /usr/local/etc/raddb/dictionary
Something is not right here. What version is this? Inner-tunnel virtual server is missing both in configuration and in peap section. And that's where mschap should be processed. set_auth_type in ldap should also be set to no in your case. Don't provide User-Password (it only creates problems; Cleartext-Password should be used), NT-Password is enough. As a general point, I don't see Cleartext-Password in default ldap.attrmap (2.0.5). Perhaps mapping should be added? Ivan Kalik Kalik Informatika ISP