eap: ERROR: Failed continuing EAP PEAP (25) session.
stefanopardini at gmail.com
Mon Aug 1 13:10:26 CEST 2016
I'm authenticating users against Samba4 using Winbindd (PEAP-MSCHAPv2).
With radtest everything is working fine; the user information are
correctly extracted and the authentication process is successful.
I'm now trying to access through a WiFi client.
The access point is configured properly and can communicate with the
But I'm encountering the following error (radiusd -X):
(8) eap_peap: Continuing EAP-TLS
(8) eap_peap: [eaptls verify] = ok
(8) eap_peap: Done initial handshake
(8) eap_peap: [eaptls process] = ok
(8) eap_peap: Session established. Decoding tunneled attributes
(8) eap_peap: PEAP state send tlv success
(8) eap_peap: Received EAP-TLV response
(8) eap_peap: Client rejected our response. The password is probably incorrect
(8) eap_peap: ERROR: We sent a success, but the client did not agree
(8) eap: ERROR: Failed continuing EAP PEAP (25) session. EAP sub-module failed
(8) eap: Sending EAP Failure (code 4) ID 232 length 4
(8) eap: Failed in EAP select
(8) [eap] = invalid
(8) } # authenticate = invalid
(8) Failed to authenticate the user
I made some tests even with eapol_test, using the EAP-MSCHAPv2 config
file reported in http://deployingradius.com:
decapsulated EAP packet (code=4 id=8 len=4) from RADIUS server: EAP Failure
I'm using the following FreeRADIUS version.
radiusd: FreeRADIUS Version 3.0.12 (git #ae2f29c), for host
x86_64-unknown-linux-gnu, built on Jul 29 2016 at 11:17:40
FreeRADIUS Version 3.0.12
And the following Samba version (Debian 8.5): 4.2.10.
To understand the problem tell me if you need more accurate log.
Thanks in advance.
More information about the Freeradius-Users