OpenLDAP+FreeRadius Encryption
Alan DeKok
aland at deployingradius.com
Tue Feb 2 18:28:25 CET 2016
On Feb 2, 2016, at 12:11 PM, Greg Mischel Smith <gregms at gmail.com> wrote:
> Any other default settings I
> should try?
Tell the server what the "known good" password is for the user?
>
> (7) eap_mschapv2 : Auth-Type MS-CHAP {
> (7) WARNING: mschap : No Cleartext-Password configured. Cannot
> create LM-Password
> (7) WARNING: mschap : No Cleartext-Password configured. Cannot
> create NT-Password
> (7) mschap : Creating challenge hash with username: testuser
> (7) mschap : Client is using MS-CHAPv2
> (7) ERROR: mschap : FAILED: No NT/LM-Password. Cannot perform authentication
It's not like the server is TELLING YOU what's going wrong.
Did you try configuring a Cleartext-Password for the user?
No?
Then how do you expect the server to authenticate the user?
Did you try READING the instructions at the top of raddb/sites-available/inner-tunnel?
No?
Then go do that. If you can't get radtest to work as documented there, you won't be able to get PEAP to work.
This is all documented.
Alan Dekok.
More information about the Freeradius-Users
mailing list