Thanks Bill...about TLS? I made the suggested changes. Now when attempting to startup FreeRADIUS in debugging mode I receive the message:
Rlm_eap: Unable to load EAP-Type/PEAP, as EAP-Type/TLS is required first. I assume this means I have to set up TLS. Is there an easy way to do this...it appears I need a certificate? I'm sure it can't be too difficult. Is there a good howto on doing this, or can someone step me through it? Thanks -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bill Reid Sent: Monday, December 08, 2003 8:06 AM To: [EMAIL PROTECTED] Subject: Re: Wireless 802.1x using MS-CHAPv2 WinXP Hey Justin, You need to set default_eap_type = peap in radiusd.conf. As of XP sp1, md5 is no longer being used. Your peap section should be this simple. peap { default_eap_type = mschapv2 } Best wishes, -=Bill Justin Bailey wrote: >I am down to a deadline (school) for using FreeRADIUS to work as an >802.1x authenticator for a wireless network. I currently have the CVS >snapshot of freeRADIUS from 20031208 on Redhat Linux 6.2. > >I have windows configured to use WEP and 802.1x PEAP. My PEAP >configuration is set to NOT validate a server certificate and to use >EAP-MSCHAPv2 as the authentication method. (Can I use PEAP like this >(without a server certificate?) > >When connecting to my wireless ap, windows asks for a username and >password to use to connect to the network. I supply a valid system >logon to the Linux box. Running FreeRADIUS in debugging mode shows the >request is being received and replied to by the RADIUS server: > Modcall[authorize]: module "files returns ok for request 0 > Modcall[authorize]: module "mschap" returns noop for request 0 > Modcall: group authorize returns updated for request 0 > Rad_check_password: found auth-type EAP > Auth: type "EAP" > Modcall: entering group authenticate for request 0 > Rlm_eap: EAP Identity > Rlm_eap: processing type MD5 > Rlm_eap_md5: Issuing Challenge > Modcall[authenticate]: module "eap" returns handled for request >0 > Sending Access-Challenge of id 2 to 192.XXXXXXXX > EAP-Message = 0x0.... > Message-Authenticator = 0x00000.. > State = 0x24.... >Finished Request 0 >Going to the next request >.... > >It appears my XP machine never replies. Am I missing a configuration >setting on the RADIUS server to recognize the interaction as MS-CHAPv2? >All help appreciated. > >Justin > >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
