more EAP/TTLS trouble
alan buxey
A.L.M.Buxey at lboro.ac.uk
Tue May 29 23:00:58 CEST 2012
Hi,
> certificate errors. What could the windows machine be doing different?
> Why does the machine even enter the picture when the authentication is
> between the Access Point and the server?
authentication is between the client and the server - mediated over 802.1X
by the Access point. thats why your client has a supplicant on it..
> Below is the portion of the log which shows the rejection, when using
> my Android phone, TTLS and MSCHAPv2 (that is what Windows uses isnt
> it?) Where I am confused is near the bottom, what is causing the
> rejection?
Win7 will be EAP-PEAPv0/MSCHAPv2
> ++[pam] returns invalid
user/pass in pam?
> WARNING: You set Proxy-To-Realm = LOCAL, but the realm does not exist!
> Cancelling invalid proxy request.
thats kind of a big clue. dont do that. it breaks things. just define
the realm in proxy.conf with no place eg
realm whatever.com {
}
> rlm_pam: Attribute "User-Password" is required for authentication.
you've forced the server to use PAM? MSCHAPv2 doesnt provide 'User-Password'
so wont work.
what ARE you trying to do?
alan
More information about the Freeradius-Users
mailing list