AW: Authentication with eap/mschapv2
Ivan Kalik
tnt at kalik.net
Thu Sep 17 19:30:15 CEST 2009
> I have tried now both with or without encryption
>
> Module: Instantiating mschap
> mschap {
> use_mppe = yes
> require_encryption = no
> require_strong = no
> with_ntdomain_hack = yes
>
> unfortunately the result is still the same
>
> Found Auth-Type = EAP
> +- entering group authenticate {....}
> [eap] Request found, released from the list
> [eap] EAP/mschapv2
> [eap] processing type mschapv2
> rlm_eap_mschapv2: Invalid response type 4
> [eap] Handler failed in EAP/mschapv2
> [eap] Failed in EAP select
> ++[eap] returns invalid
> Failed to authenticate the user.
>
> Does it make sense to enable the encryption for mschap since the eap
> tunnel (as far I have understood) is the whole way from the client to the
> radius server.
MPPE is encrypting connection between the user and NAS. Nothing to do with
authentication encryption.
Does PEAP work for username/pass in users file? Comment out ntlm_auth
line in mschap module and see if authentication can complete like that.
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list