Any luck with 802.1x authentication using TTLS with MSCHAPv2 ?

Alan DeKok aland at
Thu Oct 5 17:04:58 CEST 2006

"Mak Moussa" <mmoussa at> wrote:
> I would appreciate any insight into the 802.1x authentication using TTLS
> with MSCHAPv2. Such auth scheme is constantly failing in my wireless setup
> with FreeRadius. I tried 3 versions v1.0.5, v1.1.2 and v1.1.3 with not much
> luck.


> The following authentication schemes worked fine:
> 1. TTLS w/ MSCHAP from my wireless client to freeradius v1.0.5, v1.1.2,
> v1.1.3
> 2. PEAP w/ MSCHAPv2 with same wireless client to same freeradius versions.
> 3. TTLS w/ MSCHAPv2 from the same wireless setup to an SBR v5.3


> If I made a freeradius configuration mistake, TTLS with mschap wouldn't
> work.

  Hmm... it may be that the MSCHAPv2 support in the TTLS code needs
work.  I haven't looked at it recently, but I do recall some

  Which client are you using?  It looks like Windows, but Windows
doesn't support TTLS natively, so you're obviously doing something

  Alan DeKok.
--       - The web site of the book - The blog

More information about the Freeradius-Users mailing list