problems with authorization PEAP - EAP-MSCHAPv2 clients
Lukas Lisa
lukas.lisa at stringdata.cz
Wed Oct 29 09:50:34 CET 2008
Thanks for reply. I tried to change default_eap_type
in main eap section but it doesn't work.
I tried also dozens combinations of configuration
but authorization process doesn't continue after
establishing SSL tunnel and sending Access Challenge
to the 3com switch
Lukas Lisa
Madwifi Wireless wrote:
> I am not an expert on this but I think here is the problem. Under *eap*
> you have this:
>
> ######## eap #######
> eap {
> default_eap_type = md5
> timer_expire = 60
> ignore_unknown_eap_types = no
> cisco_accounting_username_bug = no
>
>
> I think you want to change it to:
>
> ######## eap #######
> eap {
> default_eap_type = *mschapv2*
> timer_expire = 60
> ignore_unknown_eap_types = no
> cisco_accounting_username_bug = no
>
>
>
> That seem to work for me. Give it a try. I have test FR 2.1.1 with that
> configuration. Client is Win XP SP3
>
>
> Lukas Lisa wrote:
>> Hello,
>> I would like to authorize windows clients access to 3com Baseline
>> Switch 2948 SFP against FreeRADIUS server 2.0.5.
>>
>> Windows are cofigured to use PEAP - EAP-MSCHAPv2.
>> Server certificate was created with bootstrap script (xpextensions
>> are included).
>>
>> I tried windows xp sp3 and linux (wpa_supplicant) client and both
>> cause the same server output and authorization can't pass.
>> Testing tools eapol_test, radeapclient and jRadiusSimulator can pass
>> all tests fine.
>>
>> EAP - MD5 Challenge works fine.
More information about the Freeradius-Users
mailing list