Hi Christian, add --enable-eap-mschapv2 as a configure option since MSCHAP-V2 based password authentication is done within the PEAP tunnel.
Regards Andreas On 15.09.2018 11:38, Christian Salway wrote: > I'm trying to set up PEAP but getting an error. I connect to an NPS and > have enabled PEAP with MSCHAPv2 on the connection > > > Sep 15 09:31:39 16[IKE] sending tunneled EAP-PEAP AVP [EAP/REQ/ID] > Sep 15 09:31:39 16[ENC] generating IKE_AUTH response 8 [ EAP/REQ/PEAP ] > Sep 15 09:31:39 16[NET] sending packet: from 10.0.1.82[4500] to > 86.2.58.36[60210] (128 bytes) > Sep 15 09:31:39 04[NET] sending packet: from 10.0.1.82[4500] to > 86.2.58.36[60210] > Sep 15 09:31:39 03[NET] waiting for data on sockets > Sep 15 09:31:40 03[NET] received packet: from 86.2.58.36[60210] to > 10.0.1.82[4500] > Sep 15 09:31:40 06[NET] received packet: from 86.2.58.36[60210] to > 10.0.1.82[4500] (160 bytes) > Sep 15 09:31:40 06[ENC] parsed IKE_AUTH request 9 [ EAP/RES/PEAP ] > Sep 15 09:31:40 06[IKE] received tunneled EAP-PEAP AVP [EAP/RES/ID] > Sep 15 09:31:40 06[IKE] received EAP identity 'christian.salway' > Sep 15 09:31:40 06[IKE] phase2 method EAP_MSCHAPV2 selected > *Sep 15 09:31:40 06[IKE] EAP_MSCHAPV2 method not available* > Sep 15 09:31:40 06[ENC] generating IKE_AUTH response 9 [ EAP/REQ/PEAP ] > > > ./configure --prefix=/usr --sysconfdir=/etc \ > --enable-eap-identity --enable-eap-radius --enable-openssl \ > --enable-eap-peap > > NPS > > > > > > Windows 10 reports: > -- ====================================================================== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Networked Solutions HSR University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[INS-HSR]==
smime.p7s
Description: S/MIME Cryptographic Signature
