Getting DD-WRT to work with FreeRadius and LEAP authentication

Kostya kostya.y at
Sun Jun 2 20:10:20 CEST 2013

I am trying to set up a WPA2 Enterprise protected network with FreeRadius
as the radius server.
I have configured everything and it was working fine. Then I realised that
I need to use LEAP to replicate a specific environment to test.

I am struggling with this for the entire day, I tried many different
configurations but nothing seems to help.

Basically nothing happens after the Access-Challenge message is sent to the

Does anyone have experience getting LEAP to work with DD-WRT and FreeRadius?

Thanks in advance.

Below is the log:

--- SNIP --
rad_recv: Access-Request packet from host port 54801, id=12,
User-Name = "u"
NAS-IP-Address =
NAS-Port = 1
Called-Station-Id = "B8-A3-86-67-24-82:XXX"
Calling-Station-Id = "F4-1B-A1-91-45-3B"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 54Mbps 802.11g"
EAP-Message =
State = 0x42737061420e616797f7f81cea17822d
Message-Authenticator = 0x0d4a57a752036588d9c4bd197ef5ab86
# Executing section authorize from file
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "u", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 125 length 33
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
[files] users: Matched entry u at line 81
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING: Auth-Type already set.  Not setting to PAP
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /etc/freeradius/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/leap
[eap] processing type leap
  rlm_eap_leap: Stage 4
  rlm_eap_leap: NtChallengeResponse from AP is valid
[eap] Underlying EAP-Type set EAP ID to 126
++[eap] returns ok
# Executing section post-auth from file
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Challenge of id 12 to port 54801
EAP-Message = 0x037e0004
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x42737061430d616797f7f81cea17822d
Finished request 5.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 4 ID 11 with timestamp +127
Cleaning up request 5 ID 12 with timestamp +127
Ready to process requests.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list