EAP (PEAP) problem with MS Win XP

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Thu Sep 20 20:53:49 CEST 2007


Hi,
> ** High Priority **
> ** Reply Requested When Convenient **

What? This isnt a paid-for service. answers given on this mailing list
are given in community spirit.  however, should you wish to take
any of us on in a consulting role for usual financial reimbursements
under contractual agreement ona  commercial basis then i am sure that such
requests would be taken for granted.

so, PEAP isnt working. have you tested from a non windows box to ensure
that you havent fallen foul of the usual EAP problems - as clearly noted
at the top of eap.conf?

if so, then i would be concerned by this int he debug:


> modcall: entering group authenticate for request 0
> rlm_eap: Identity does not match User-Name, setting from EAP Identity.
>   rlm_eap: Failed in handler
>   modcall[authenticate]: module "eap" returns invalid for request 0
> modcall: leaving group authenticate (returns invalid) for request 0
> auth: Failed to validate the user.
> Login incorrect: [53986067/<no User-Password attribute>] (from client elhc-network port 0 cli 00-0F-CB-FA-D4-63)


what are you doing with the User-Name and/or identity? you cant play with those
packets as it breaks EAP.  the debug also looks worryingly short. you should
post the whole debug. also, HOW are you authenticating the users? you
dont have ntlm_auth set and LDAP doesnt seem to be doing anything...I fear
very very much that you have some Auth-Type := EAP  in yours users file
or something worse!  please post your config files.

oh, and dont hurry, i'm certainly not demanding an urgent response.

alan



More information about the Freeradius-Users mailing list