freeradius+peap+mschap+AD
Alan Buxey
A.L.M.Buxey at lboro.ac.uk
Mon Apr 26 15:37:06 CEST 2010
Hi,
> Info: ++[mschap] returns ok
> Debug: MSCHAP Success
> ----
> So i assume that the auth. against AD is OK
not if you havent done the EAP inner-tunnel stuff yet - unless you mean
basic authorize has completed.
> but then the inner tunnel does something....
well, it tries to
> Mon Apr 26 12:32:15 2010 : Info: [peap] Got tunneled Access-Challenge
> Mon Apr 26 12:32:15 2010 : Info: ++[eap] returns handled
> Sending Access-Challenge of id 0 to 194.47.88.154 port 2051
> EAP-Message =
> 0x0107005b19001703010050154c3b195ed5a3fa88fd21477529cf86ee7d1d98cf8eb918036ac8aa14cd6f8c66a1836e9ab27087ad7df766d20447dbce1247b6a9ccf6b4376d854978db210db60f9b3578592123a4c5d43a205e8f79
> Message-Authenticator = 0x00000000000000000000000000000000
> State = 0x3b975d133d90441898602b7c0076958a
it sends a challenge back to the NAS/AP - but nothign else is happening.....
so, either the NAS or the client. how have you got the AP set up? 802.1X or
WPA-Enterprise? how is the client configured? to use PEAP/MSCHAPv2 or EAP-TTLS/MSCHAPv2?
got the required certificate installed on the client?
alan
More information about the Freeradius-Users
mailing list