Regarding providing Custom TOTP MFA in freeradius
Dineshkumar pachamuthu
dineshkumar.pachamuthu at gmail.com
Thu May 2 17:35:03 UTC 2024
Yes Alan,I understand the issue. But I want to force EAP-TTLS/PAP for all
clients including iphone and android devices, irrespective of what protocol
the client uses I want to make them resent with the PAP inner method. Is
this achievable or not?
Thanks
Dineshkumar
On Thu, May 2, 2024 at 9:36 PM Alan DeKok <aland at deployingradius.com> wrote:
> On May 2, 2024, at 3:58 PM, Dineshkumar pachamuthu <
> dineshkumar.pachamuthu at gmail.com> wrote:
> >
> > Thanks for the suggestion. By changing "default_eap_type = eap-ttls" and
> inside of ttls configuration "default_eap_type = pap" (commented all other
> auth type of EAP) , everything worked fine in the Windows machine. However
> in iphones and mac machines, I getting peer not accepting error as follows:
> >
> > eap: Expiring EAP session with state 0x282049aa28215c6d
> > (38) eap: Finished EAP session with state 0x282049aa28215c6d
> > (38) eap: Previous EAP request found for state 0x282049aa28215c6d,
> released from the list
> > (38) eap: Peer sent packet with method EAP NAK (3)
> > (38) eap: Peer NAK'd asking for unsupported EAP type MSCHAPv2 (26),
> skipping...
>
> You've edited the configuration files to remove EAP-MSCHAPv2. Don't do
> that.
>
> Alan DeKok.
>
>
More information about the Freeradius-Devel
mailing list