Any luck with 802.1x authentication using TTLS with MSCHAPv2 ?
Alan DeKok
aland at deployingradius.com
Thu Oct 5 17:04:58 CEST 2006
"Mak Moussa" <mmoussa at mmoussa.com> wrote:
> I would appreciate any insight into the 802.1x authentication using TTLS
> with MSCHAPv2. Such auth scheme is constantly failing in my wireless setup
> with FreeRadius. I tried 3 versions v1.0.5, v1.1.2 and v1.1.3 with not much
> luck.
OK...
> The following authentication schemes worked fine:
> 1. TTLS w/ MSCHAP from my wireless client to freeradius v1.0.5, v1.1.2,
> v1.1.3
> 2. PEAP w/ MSCHAPv2 with same wireless client to same freeradius versions.
> 3. TTLS w/ MSCHAPv2 from the same wireless setup to an SBR v5.3
OK.
> If I made a freeradius configuration mistake, TTLS with mschap wouldn't
> work.
Hmm... it may be that the MSCHAPv2 support in the TTLS code needs
work. I haven't looked at it recently, but I do recall some
work-arounds..
Which client are you using? It looks like Windows, but Windows
doesn't support TTLS natively, so you're obviously doing something
special.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list