EAP authentication with Cisco AP

Alan DeKok aland at deployingradius.com
Tue Oct 23 05:33:16 CEST 2007

Peter Param wrote:
> I have been trying, unsuccessfully, to get a windows supplicant (as
> shipped with Vista) to authenticate via freeradius/ldap.  The
> freeradius/ldap combo works well with the existing VPN authen/auth that
> we have here on campus but not with EAP.  I'm not sure what or where to
> go from here ...any pointers?
> Sending Access-Challenge of id 251 to port 1645
>         EAP-Message = 
> 0x010800501900170301002056b3fce58dfde9876381acb7eb7ec8139c58d280947a6c2cae9d9eeba78271f61703010020086e9221f752701d9d96797db6f7ae6
> c3d6ff0e8afe29639e9607da3bb708140
>         Message-Authenticator = 0x00000000000000000000000000000000
>         State = 0x144352a3976c560713ae411bf3b1f1fd
> Finished request 5
> Going to the next request
> Waking up in 6 seconds...
> --- Walking the entire request list ---
> Cleaning up request 0 ID 246 with timestamp 471df0af

  You don't have the magic Windows OID's in the certificates.  This is
in the FAQ, and documented in the comments in eap.conf.

  Alan DeKok.

More information about the Freeradius-Users mailing list