But why
Alan Buxey
alan.buxey at gmail.com
Wed Oct 2 19:48:36 CEST 2019
hi,
> > Wed Oct 2 17:57:23 2019 : Debug: (10) eap: Peer sent packet with method
> > EAP NAK (3)
client didnt like what was offered
> > Wed Oct 2 17:57:23 2019 : Debug: (10) eap: Found mutually acceptable type
> > MSCHAPv2 (26)
> > Wed Oct 2 17:57:23 2019 : Debug: (10) eap: Calling submodule eap_mschapv2
but was happy to do eap_mschapv2
given your default peap method is gtc, that was what probably caused
the NAK in the tiny snippet
of logs you provided
> Pretty much standard. I expect TTLS + PAP, not MSCHAPv2
>
> Is this a normal outcome?
> Why iOS doesn't try PAP?
because 'clients' - was this client configured by a profile or was it
configured by hand or was it configured
by just trying to join the SSID?
> Having a User-Password attribute doesn't serve as a hint for the server
> when looking for a mutually acceptable type?
it could do - but you havent provided any config or full debug output
so i couldnt say how your server is configured.
alan
More information about the Freeradius-Users
mailing list