Hi. I've been using FreeRadius recent CVS version to authenticate wireless Windows XP/2k users via EAP and Cisco AP1000 series. I've so far suceeded in EAP/TLS and EAP/TTLS, as well as with non-EAP modules (PAP and CHAP) just to test if it is all properly setup.
However, I'm failing with EAP/PEAP. Certificates are fine (as stated above), however MS-CHAPv2 (rlm_mschap) seems to be causing problems: rlm_eap: Request found, released from the list rlm_eap: EAP/mschapv2 rlm_eap: processing type mschapv2 Processing the authenticate section of radiusd.conf modcall: entering group Auth-Type for request 6 rlm_mschap: Told to do MS-CHAPv2 for test with NT-Password rlm_mschap: FAILED: MS-CHAP2-Response is incorrect Passwords are stored in MySQL, but they're proven to be read correctly (and I've tried with users file too). I've read this list archives throughly, and I've tried most of the stuff people were reporting. Is there anything else I could check? Should I try with NT-hashed passwords? Should I try with auth_ntlm to debug chap responses? TIA. -- | |--.----.-----. Dinko 'kreator' Korunic #include <stddisclaimer.h> | <| _| -__| http://www.srce.hr/~kreator/ | http://kre.deviantart.com |__|__|__| |_____| PGP:0xEA160D0B | IRC:kre | ICQ:16965294 | AIM:kreatorMoo - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html