On Thu, May 31, 2012 at 12:18 +0200, Peter J. Philipp wrote:
> On Tue, May 29, 2012 at 01:55:45PM +0200, Mike Belopuhov wrote:
> > On Wed, May 16, 2012 at 17:30 +0400, Pavel Shvagirev wrote:
> > > 2. EAP mode doesn't work - Windows stops on "Checking username and
> > > password" error. Then #13803, 1931...
> > 
> > Hi,
> > 
> > Just to mention it for those not following source-changes@
> > that there was a bug in the message ID handling that prevented
> > EAP from working correctly.  The fix was committed on Friday.
> > 
> > Cheers,
> > Mike
> 
> Hi,
> 
> I still can't get it to work.  I made two screenshots; they are here:
> 
> http://ipv4.goldflipper.net/private/iked-eap1.jpg
> 
> and
> 
> http://ipv4.goldflipper.net/private/iked-eap2.jpg
> 
> My iked config looks like this:
> 

do you have a "user" specification in your iked.conf?
which user are you trying to authenticate as?
"user" specification occupies a separate line and looks
like that:

user "username" "password"

iked can't consult the local password database or radius
or any other authentication service at the moment except
this internal "database".

also, have you tried w/o mschap? you need to select the
"Computerzertifikate verwenden" radio button to turn eap off.

> ikev2 "win7" passive esp \
>         from 172.16.20.0/24 to 0.0.0.0/0 local any peer any \
>         srcid 10.0.0.1 \
>         eap "mschap-v2" \
>         config address 172.16.20.1 \
>         config name-server 212.18.3.5 \
>         tag "$name-$id"
> 

looks fine except for the absence of the "user" specification.
i'd ditch the "tag" though as i didn't test it but it shouldn't
affect anything.

> I installed the iked from the -current source on top of the 5.0 binary.
> I believe these are the right ones because I see your recent timestamp
> in them:
> 
> ikev2_msg.c:/*  $OpenBSD: ikev2_msg.c,v 1.15 2012/05/30 09:18:14 mikeb Exp $
> 
> Any hint on what I'm doing wrong?  Sorry the screenshots are in German,
> Fehler 13843 is Error 13843.  I googled for that but wasn't any wiser after.
> 
> Regards,
> -peter
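
The missing "user" line diagnosed in this message, as an added example that is not part of the original e-mail or of iked: a Python check that flags EAP policies in an iked.conf text when no user entry is defined. The parsing is a simplification (assumptions: "#" starts a comment, no macros or includes), the function names are hypothetical, and the sample is the thread's policy embedded as constructed input.

```python
import re

# Constructed sample: the policy quoted in the thread, with no "user" line.
SAMPLE = '''\
ikev2 "win7" passive esp \\
        from 172.16.20.0/24 to 0.0.0.0/0 local any peer any \\
        srcid 10.0.0.1 \\
        eap "mschap-v2" \\
        config address 172.16.20.1 \\
        config name-server 212.18.3.5
'''

USER_RE = re.compile(r'^user\s+"([^"]+)"\s+"[^"]*"$')
EAP_RE = re.compile(r'\beap\s+"?([\w-]+)"?')
NAME_RE = re.compile(r'^ikev2\s+"([^"]+)"')

def logical_lines(text):
    """Drop # comments (assumed syntax) and join backslash-continued lines."""
    buf = ""
    for raw in text.splitlines() + [""]:   # trailing "" flushes a dangling continuation
        line = raw.split("#", 1)[0].rstrip()
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        buf += line
        if buf.strip():
            yield " ".join(buf.split())    # normalise whitespace
        buf = ""

def check_eap_users(text):
    """Return (eap_policies, users, findings); passwords are never returned."""
    users, eap_policies = [], []
    for line in logical_lines(text):
        user = USER_RE.match(line)
        if user:
            users.append(user.group(1))
        elif line.startswith("ikev2"):
            eap = EAP_RE.search(line)
            if eap:
                name = NAME_RE.match(line)
                eap_policies.append((name.group(1) if name else "(unnamed)", eap.group(1)))
    # iked only authenticates EAP clients against its own user lines,
    # so an EAP policy with no user entries can never succeed.
    findings = [f'policy "{n}" uses eap {m} but no user line is defined'
                for n, m in eap_policies if not users]
    return eap_policies, users, findings

if __name__ == "__main__":
    print("\n".join(check_eap_users(SAMPLE)[2]) or "ok")
```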
