PEAP-MSCHAPv2 authentication failure
Sayantan Bhowmick
sbhowmick at novell.com
Tue Jan 24 07:18:11 CET 2006
Thanks. That helps. It is working now.
Regards,
-Sayantan.
>>> On Mon, Jan 23, 2006 at 5:45 pm, in message
<43D4C8E4.7060203 at imperial.ac.uk>,
p.mayers at imperial.ac.uk wrote:
> Sayantan Bhowmick wrote:
>> Hi ,
>> I am trying to do PEAP MSCHAPv2 authentication. I am using
>> FreeRADIUS version 1.1.0 on Suse 9.0 and WinXP as the Suplicant.
When I
>> select "Automatically use my Windows Logon name and password
>> (and domain if any)" in the network properties, WinXP tries to login
as
>> domain- name\\user- name. I have enabled the "realm ntdomain"
option in
>> radiusd.conf and have created an entry in the proxy.conf file.
However
>> the authentication still fails. I am using eDirectory as my user
store
>> and (I cannot use the ntlm_auth option as I do not have a AD setup).
The
>> debug log is as follows. Can anyone please tell me how to get this
>> working?
>>
>
> I realise there's a lot of data, but careful examination of the end
of
> the logfile shows?
>
>> rlm_mschap: NT Domain delimeter found, should we have enabled
>> with_ntdomain_hack?
>
> Yes, you should have enabled that.
>
>> rlm_mschap: Told to do MS- CHAPv2 for NOVELL- QT5M8B08\radiususer
with
>> NT- Password
>> rlm_mschap: FAILED: MS- CHAP2- Response is incorrect
>
> ...because you need to enable the with_ntdomain_hack
>
> Hope that helps.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list