eap-mschapv2
indira kolli
indkolli at gmail.com
Thu Jan 17 20:56:00 CET 2008
Hello Alan,
I finally got it working. I missed the reply to the second
access-challenge.
One thing I am still not sure is about MPPE keys.
For us we are using only EAP-MSCHAPv2 without peap.
The authenticator needs the MPPE keys to authenticate the peer.
But in the EAP-MSCAHPv2 Access-Challenge or Access-accept don't see the
keys. I see that the keys are generated for MSCHAPv2 but are
deleted before the request is sent.
Help is very much appreciated.
Thank you
Indi
On Jan 16, 2008 12:09 PM, Alan DeKok <aland at deployingradius.com> wrote:
> indira kolli wrote:
> > What is the expected callflow for EAP-MSCAHPv2
>
> Read the specification, or the source code.
>
> > Access-request
> > Access-Challenge
> > Access-request
> > Access-Accept
> >
> > Why am I getting Access-challenge again
>
> You're not saying which supplicant you're using.
>
> Let me guess: you're writing your own, and trying to debug it using
> FreeRADIUS. If that's true, I suggest that you go read the
> wpa_supplicant source code. It implements EAP-MSCHAPv2 correctly.
>
> If you're not writing your own supplicant, then the server is working
> correctly. You may be surprised that more than one Access-Challenge is
> being sent, but that is the Way It Works. If you care to know why, go
> read the source code in rlm_eap_mschapv2.c
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080117/7969c57d/attachment.html>
More information about the Freeradius-Users
mailing list