Any luck with 802.1x authentication using TTLS with MSCHAPv2 ?

Mak Moussa mmoussa at
Thu Oct 12 08:02:15 CEST 2006


Thank you for the pointers to the source code.
My colleague Colus Tang was quick to dive into the code and had to patch 2
files: ttls.c and rlm_eap_ttls.c to change the behavior from eap_mschap to

He tested the patch successfully using v1.1.3 on Linux and both TTLS-mschap
and TTLS-mschav2 authentications worked fine.
I tested the patch using v1.1.2 on Freebsd 5.3 and got the same successful
Please review the attached patch for any additional improvements as needed.

I am attaching two console outputs of 'radiusd -X' before and after the
patch to show the behavior differences.

Many thanks for the help.


-----Original Message-----
From: at
[ at]
On Behalf Of Alan DeKok
Sent: Friday, October 06, 2006 6:18 AM
To: FreeRadius users mailing list
Subject: Re: Any luck with 802.1x authentication using TTLS with MSCHAPv2 ? 

"Mak Moussa" <mmoussa at> wrote:
> Would you still say that it is the ttls.c code, even though ttls w/mschap
> worked fine?


> I am looking for a differentiator in the code between mschap and mschapv2,

  Like the code I pointed you to?

  Alan DeKok.
--       - The web site of the book - The blog
List info/subscribe/unsubscribe? See
-------------- next part --------------
A non-text attachment was scrubbed...
Name: winmail.dat
Type: application/ms-tnef
Size: 58159 bytes
Desc: not available
URL: <>

More information about the Freeradius-Users mailing list