EAP-TEAP not doing 2nd inner Method
Alan DeKok
aland at deployingradius.com
Thu Dec 5 13:13:37 UTC 2024
On Dec 5, 2024, at 5:16 AM, Martin B. via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> I had to change this:
OK, that's fine.
> - It looks like the server does not accept multiple values in
> "identity_types":
> /etc/freeradius-server-3.2.x/raddb/mods-enabled/eap[1145]: Invalid
> value in identity_types = 'machine,user'
> rlm_eap (EAP): Failed to initialise rlm_eap_teap
> /etc/freeradius-server-3.2.x/raddb/mods-enabled/eap[14]:
> Instantiation failed for module "eap"
I'll push a fix for that shortly.
> - even though the server will start when I only give "machine" or "user",
> it will ignore whatever is given there and do "machine,user"
The debug log shows it doing only Machine.
> - when doing "machine,user", the server throws an error after the machine
> is authenticated
> (13) eap_teap: Crypto-Binding TLV version mis-match (possible
> downgrade attack!)
> (13) eap: ERROR: Failed continuing EAP TEAP (55) session. EAP
> sub-module failed
I'll take a look. I'm not sure what's happening there, but I've pushed some more debug messages which may help clarify the issues.
Alan DeKok.
More information about the Freeradius-Users
mailing list