AW: mschap/peap question
Wegener, Norbert
Norbert.Wegener at siemens.com
Fri Jul 2 18:51:03 CEST 2010
Using the users file it works. So samba can be blamed even in the current version 3.4.7 :-(
With best regards,
Norbert Wegener
Siemens AG
Siemens IT Solutions and Services
SIS GO NW PSU SDC AS&INS
Bruchstraße 5
45883 Gelsenkirchen, Germany
Tel.: +49 (209) 94565716
Fax: +49 (201) 8165581284
mailto:norbert.wegener at siemens.com
Siemens Aktiengesellschaft: Chairman of the Supervisory Board: Gerhard Cromme; Managing Board: Peter Loescher, Chairman, President and Chief Executive Officer; Wolfgang Dehen, Heinrich Hiesinger, Joe Kaeser, Barbara Kux, Hermann Requardt, Siegfried Russwurm, Peter Y. Solmssen; Registered offices: Berlin and Munich, Germany; Commercial registries: Berlin Charlottenburg, HRB 12300, Munich, HRB 6684; WEEE-Reg.-No. DE 23691322
________________________________________
Von: freeradius-users-bounces+norbert.wegener=siemens.com at lists.freeradius.org [freeradius-users-bounces+norbert.wegener=siemens.com at lists.freeradius.org] im Auftrag von Alan DeKok [aland at deployingradius.com]
Gesendet: Freitag, 2. Juli 2010 17:23
An: FreeRadius users mailing list
Betreff: Re: mschap/peap question
Wegener, Norbert wrote:
> With 2.1.8 and the configuration from
> http://deployingradius.com/scripts/eapol_test/peap-mschapv2.conf
> I want to test a radius configuration. The linux server running radius is member
> of the AD domain, mschap succeeds but finally the authentication fails.
> freeradius sends Challenges to which eapol_test will not respond.
> This should not be the behaviour mentioned in eap.conf regarding windows compatibility
> as eapol_test says:
>
> ...
> EAP-MSCHAPV2: RX identifier 11 mschapv2_id 10
> EAP-MSCHAPV2: Received success
> EAP-MSCHAPV2: Invalid authenticator response in success request
> EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
> and finally fails.
If you're running Samba... it's a Samba bug.
Like most of these issues, try it with a test user && password in the
"users" file. If it works there, but not when Samba is used: blame Samba.
See eap.conf in 2.1.8 for pointers to the bug URL.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list