802.1x eap via freeradius over 1131APs to wlc4402 on ent suse with 2003 AD
Alan DeKok
aland at deployingradius.com
Fri Jan 14 07:19:34 CET 2011
Jason Hall wrote:
> Ok, I connect to the wireless with my client cert installed, I get a see an eap exchange but cannot connect.
>
> I've been looking over this for days now, just wanted to get some advice/help because I'm honestly lost at this point.
See http://networkradius.com/freeradius.html
While there's a lot of text, it's pretty easy to read when something
goes wrong. Look for "error" or "warning" or "fail".
> [mschapv2] +- entering group MS-CHAP {...}
> [mschap] No Cleartext-Password configured. Cannot create LM-Password.
> [mschap] No Cleartext-Password configured. Cannot create NT-Password.
> [mschap] NT Domain delimeter found, should we have enabled with_ntdomain_hack?
> [mschap] Told to do MS-CHAPv2 for (domain)\(username) with NT-Password
> [mschap] FAILED: No NT/LM-Password. Cannot perform authentication.
> [mschap] FAILED: MS-CHAP2-Response is incorrect
> ++[mschap] returns reject
You didn't tell the server the "known good" password for the user.
Alan DeKok.
More information about the Freeradius-Users
mailing list