Freeradius PROXY: EAP-PEAP - TLS with NT-Password and Cleartext-Password
Alan DeKok
aland at deployingradius.com
Fri Jun 29 00:07:40 CEST 2018
On Jun 28, 2018, at 3:13 PM, Andrei Antonelli <andreirp at gmail.com> wrote:
>
> Thanks a lot, it worked with suffix testuser at hcrpp.com and without
> suffix testuser for the domain hcrpp.com, but when i authenticate with of
> external domain cr.net i get this error message:
i.e. "it doesn't work"
What do you want it to *do*? Read this: http://wiki.freeradius.org/list-help
> (17) eap: Expiring EAP session with state 0x94f1143794f70ec2
> (17) eap: Finished EAP session with state 0x94f1143794f70ec2
> (17) eap: Previous EAP request found for state 0x94f1143794f70ec2, released
> from the list
> (17) eap: Peer sent packet with method EAP MSCHAPv2 (26)
> (17) eap: Calling submodule eap_mschapv2 to process data
> (17) eap_mschapv2: # Executing group from file
> /usr/local/etc/raddb/sites-enabled/inner-tunnel
> (17) eap_mschapv2: Auth-Type MS-CHAP {
> (17) mschap: WARNING: No Cleartext-Password configured. Cannot create
> NT-Password
> (17) mschap: WARNING: No Cleartext-Password configured. Cannot create
> LM-Password
> (17) mschap: Creating challenge hash with username: testuser at cr.net
> (17) mschap: Client is using MS-CHAPv2
> (17) mschap: ERROR: FAILED: No NT/LM-Password. Cannot perform
> authentication
> (17) mschap: ERROR: MS-CHAP2-Response is incorrect
>
> Can i send cleartext-password for only the specific domain cr.net ?
I have no idea what that means.
Alan DeKok.
More information about the Freeradius-Users
mailing list