WPA2 entreprise : Access-Accept but not connected

Matthew Newton mcn4 at leicester.ac.uk
Thu Jan 12 11:51:13 CET 2017


On Thu, Jan 12, 2017 at 10:18:04AM +0100, Arno Tarpin wrote:
> First I'm sorry for my bad English...

Your English is good.

> I just install Freeradius (using this tutorial
> <https://blog.fenrir.fr/2013/09/07/655/>), everything work (I get a

The best instructions to follow are generally Alan DeKok's at
http://deployingradius.com/

> access-accept when I try the radtest command) but when I try connect to the
> AP using WPA2 Entreprise, my devise (I use an Iphone but with a Laptop I
> get the same problem) don't connect.

> Sending Access-Accept of id 27 to 192.168.11.122 port 55831
>         MS-MPPE-Encryption-Policy = 0x00000002
>         MS-MPPE-Encryption-Types = 0x00000004
>         MS-MPPE-Send-Key = 0xd2945975ecf1a221e1ee1d070d2891dd
>         MS-MPPE-Recv-Key = 0x834f4d25d1269b7014c27c5140b1f898
>         Message-Authenticator = 0x00000000000000000000000000000000
>         User-Name = "a.tarpin"
>         MS-MPPE-Recv-Key = 0xe27cfc4aeaf04ba460adf86811d3c2a068b52bbe4e30d0e79c48a1d801de5bbc
>         MS-MPPE-Send-Key = 0x4e3c07e4df836b2af32406a60a1ba337d035d39c2608723f6c43a54c636db116
>         EAP-Message = 0x037c0004

You've got two sets of MS-MPPE-Recv-Key/MS-MPPE-Send-Key.

If you've set use_tunneled_reply = yes in the eap ttls
configuration, set it back to "no" again and try again.

Matthew


-- 
Matthew Newton, Ph.D. <mcn4 at leicester.ac.uk>

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>


More information about the Freeradius-Users mailing list