Put a test user in the users file:
test Cleartest-Password := blah, MS-CHAP-Use-NTLM-Auth := 0
TTLS/MSCHAPV2 works!
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending
request, round trip time 0.00 sec RADIUS packet matching with station
MS-MPPE-Send-Key (sign) -
Here we go,
TTLS/PAP works
STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending
request, round trip time 0.00 sec RADIUS packet matching with station
MS-MPPE-Send-Key (sign) - hexdump(len=32): c5 bd 3a 25 91 1b fa 82 01 4c
d2 d3 0f 50 b9 69 57 32 5c 19 73 03 2a 02 d2 47 36 bd 0d
If the server sends an Access-Challenge, and nothing else happens,
the
user's machine is *choosing* to not continue the conversation.
XP and Linux machines are known to work with 2.0.5. If 1.1.7 works
for you, and 2.0.5 doesn't, it's *very* likely because the
configurations are different.
is greatly appreciated.
Thanks!
Brooks, Kyle wrote:
Sorry to bother you again, but can you provide any more insight with
reference to the conf and debug files?
Uh... what do you mean?
The eap.conf file points to the certificates. It hasn't really
changed from 1.1.7 to 2.0.5. Just make
There might be a slight miscommunication here these are two separate
boxes. Our production box is 1.1.7 and this new box 2.0.5
That's nice.
Do the clients have the certificate for the CA that signed the server
certificate? It seems not.
The clients have the certificate for the CA, same
++[mschap] returns ok
MSCHAP Success
++[eap] returns handled
Radius is doing fine. Your switch is having problems with
EAP-MSCHAPv2.
Debug the switch.
Ivan Kalik
Kalik Informatika ISP
Ok, but we are using this same switch and config for our current
deployment of freeradius 1.1.7 with AD and
In follow up to 'FreeRadius 2.0.3 setup help' on Jul 27.
We have tested using the certificate creation scripts and WinCA signed
certificates with the same result of an access challenge. We have tested
with both a Windows XP and Linux client with the same result. We are
using Cisco switches.
What
++[mschap] returns ok
MSCHAP Success
++[eap] returns handled
Radius is doing fine. Your switch is having problems with EAP-MSCHAPv2.
Debug the switch.
Ivan Kalik
Kalik Informatika ISP
Ok, but we are using this same switch and config for our current
deployment of freeradius 1.1.7 with AD and
you've configured inner-tunnel for EAP - but do you have the
inner-tunnel virtual server config file living in sites-enabled/ ?
Hello Alan,
Here are the contents of the inner-tunnel file located in sites-enabled/
# -*- text -*-
Hello,
We have been trying to setup the new FreeRadius server, version 2.0.3 on Fedora
9. We are very close as during testing a user was able to authenticate to AD
via LDAP. Radtest was ok, but there is no accept packet/acknowledgment sent
back, so the network switch thinks the user hasn't
Hello,
We have been experiencing a weird crashing problem with FreeRadius 1.1.7
on fedora core 7 and was hoping someone would be able to help.
The problem is that FreeRadius will crash several times each day and
before each crash this error is displayed.
error: rlm_eap: Either EAP-request
11 matches
Mail list logo