PEAP/MSCHAPv2 failing with Windows 7
ironrake at yahoo.com
ironrake at yahoo.com
Tue May 10 13:40:24 CEST 2011
Check some basic stuff too. Make sure your radius user can run ntlm_auth.
Sent from Verizon Wireless
-----Original Message-----
From: Phil Mayers <p.mayers at imperial.ac.uk>
Sender: freeradius-users-bounces+ironrake=yahoo.com at lists.freeradius.org
Date: Tue, 10 May 2011 09:55:54
To: <freeradius-users at lists.freeradius.org>
Reply-To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Subject: Re: PEAP/MSCHAPv2 failing with Windows 7
On 05/09/2011 10:55 PM, Gary Gatten wrote:
>
> Exec-Program output: Logon failure (0xc000006d)
>
> Exec-Program-Wait: plaintext: Logon failure (0xc000006d)
>
> Exec-Program: returned: 1
>
> [mschap] External script failed.
>
> [mschap] FAILED: MS-CHAP2-Response is incorrect
>
> ++[mschap] returns reject
You've trimmed the debug output, so we can't see what the problem is.
Don't do that.
> In the PEAP properties, EAP-MSCHAP v2, if you DISABLE “automatically use
> my windows logon name and password” and instead enter the credentials
> manually it works.
Are the machines domain members?
> I should note, it appears the Aruba gear is terminating the PEAP – FR
> only sees an MSCHAP request.
DEFINITELY don't do that!
Is it passing the PEAP inner as EAP-MSCHAPv2 or plain MS-CHAPv2?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list