mschap/peap question
Alan DeKok
aland at deployingradius.com
Fri Jul 2 17:23:58 CEST 2010
Wegener, Norbert wrote:
> With 2.1.8 and the configuration from
> http://deployingradius.com/scripts/eapol_test/peap-mschapv2.conf
> I want to test a radius configuration. The linux server running radius is member
> of the AD domain, mschap succeeds but finally the authentication fails.
> freeradius sends Challenges to which eapol_test will not respond.
> This should not be the behaviour mentioned in eap.conf regarding windows compatibility
> as eapol_test says:
>
> ...
> EAP-MSCHAPV2: RX identifier 11 mschapv2_id 10
> EAP-MSCHAPV2: Received success
> EAP-MSCHAPV2: Invalid authenticator response in success request
> EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
> and finally fails.
If you're running Samba... it's a Samba bug.
Like most of these issues, try it with a test user && password in the
"users" file. If it works there, but not when Samba is used: blame Samba.
See eap.conf in 2.1.8 for pointers to the bug URL.
Alan DeKok.
More information about the Freeradius-Users
mailing list