EAP-TTLS and PEAP auth problem ... sorry!!

Gandalf the Gray gtheg1 at yahoo.com
Fri Jul 8 13:13:52 CEST 2005


thanks for the help until now!

I have another problem on freeradius, related to PEAP.

The MSCHAP module needs a couple user-pw to perform
authentication... and in the radiusd log I can read
that is not possible to retrieve a NT-password or
NL-password.

But I don't want to use such thing (I read is related
to Samba).

I would like to submit user and password to my LDAP
server, and this one have to check the right
relationship!
But I know EAP doesn't allow plain text PW, as LDAP
needs!

Now: is it possible to tell MSCHAP to use LDAP or
passwd file to authenticate the user?
And, before this, is it possible to obtain the PW from
the EAP challenge in order to submit it further?

Please give me a little advice... it seems it should
be a problem soooo simple to solve! I already lost 10
days ..

to help: I'm working with such a system.
- Standard Windows XP client, PEAP-MSCHAPv2 
- Aegis supplicant, with all types of EAP
- Access Point Cisco Aironet 1200, set to use WPA-TKIP
and EAP authentication
-Freeradius server, working on GENTOO linux 2005

thank you very much, for everything you could suggest!

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 



More information about the Freeradius-Users mailing list