My PPTP+802.1X+MS-CHAP+EAP+OpenLDAP+MySQL Project.
Phil Mayers
p.mayers at imperial.ac.uk
Thu Jan 11 12:44:10 CET 2007
Evan Vittitow wrote:
> I want to secure my Wireless Access points using 802.1X and PEAP, or
> EAP-TLS that are operated by my Cisco Aironet 340. I'm not interested in
> encrypting traffic. I have UDP Protocols like Quake 3 that are degraded
You can't use EAP on any wireless point that I know of *without*
encrypting the data. It wouldn't make any sense.
Anyway...
> by WPA, WEP and IPSec. IPSec may get implemented in due time, but for
> now, thats not on the agenda. My current issue is securing the APs from
> unauthorized access.
>
> My Progess so far:
>
> The issue with the VPNs is that even through Client Side PPP uses
> MS-CHAP, FreeRadius is causing pppd to think its authenticating normal CHAP.
>
> Jan 9 03:09:00 kurama pppd[12373]: Peer User failed CHAP authentication
> rlm_mschap: Found LM-Password
> rlm_mschap: Found NT-Password
> rlm_mschap: No MS-CHAP-Challenge in the request
This is a pppd configuration issue. You need (probably) the following in
/etc/ppp/options.pptpd:
-chap
-mschap
+mschap-v2
require-mppe
More information about the Freeradius-Users
mailing list