EAP + TLS + Unix passwords
Andy Theuninck
gohanman at gmail.com
Thu Nov 19 23:31:44 CET 2009
> Well, you are using 1.1.3. It's known not to work with Vista, XP SP3 and
> probably more supplicants. You should upgrade to current version (follow
> RedHat FAQ).
Good to know. I'll have to look into that next.
>> Sending Access-Accept of id 0 to 192.168.1.253 port 2048
>> MS-MPPE-Recv-Key = 0xa1836258d98b7a77c6cf4a84b7866f22
>> MS-MPPE-Send-Key = 0x541b00b14300752de69272f2e8d0f196
>> MS-MPPE-Encryption-Policy = 0x00000001
>> MS-MPPE-Encryption-Types = 0x00000006
>> MS-MPPE-Recv-Key =
>> 0x8083917dfae797d7a33df37fa99c2f8f295c1b48a600bc86a486b05027c33515
>> MS-MPPE-Send-Key =
>> 0x9f7031c562af44e884a67d8d14ef36df9008de8b7bc2f01b06ab9dd2e8a46c93
>> EAP-Message = 0x03030004
>> Message-Authenticator = 0x00000000000000000000000000000000
>> User-Name = "andy"
>
> Only thing that looks wrong here are two sets of MPPE keys. Debug the
> supplicant and see if that's breaking things.
I don't know if it explains the double-up, but once I changed the
supplicant from TTLS/MSCHAPv2 to TTLS/MSCHAP, I had a working
connection.
(insert complaint about OS X not logging anything useful here)
More information about the Freeradius-Users
mailing list