Authentication issues with Win7 and WPA/WPA2 Enterprise
Phil Mayers
p.mayers at imperial.ac.uk
Wed May 18 19:34:25 CEST 2011
On 18/05/11 17:35, Gary Gatten wrote:
> That's what I was afraid of...
>
> Can you expand on this:
>
> "You *can* check that a given response is valid for a given challenge, if
> you know the password or nt hash."
At length, but I would be here all day ;o)
Basically, I've got a python script that performs the MS-CHAP crypto.
I'll see if I can stick it somewhere people can make use of it.
But FreeRADIUS does this "right". There's no need for an external script
(unless you're fiddling with the MS-CHAP module guts, which I was when I
wrote it).
If FreeRADIUS is telling you the mschap response is wrong, it's wrong.
Either:
1. The client is sending wrong data
2. The server has wrong data (password/hash)
3. Something is fiddling with the data in transit
Since we *know* your Aruba kit is doing some fiddling, it
More information about the Freeradius-Users
mailing list