Thanks for the help Stefan. On 7/19/07, Stefan Winter <[EMAIL PROTECTED]> wrote:
> I am trying to send an Access-Request with EAP-Identity response. The > Request was successful and Server sent an Access-Challenge in response (MD5 > challenge), the response to this challenge is failing (receiving > Access-Reject from Server), the Error message was "rlm_eap_md5: > User-Password is required for EAP-MD5 authentication". I have the > User-Password attribute in Access-Request. Below is the Access-Request > packet attributes, You don't quite understand how EAP-MD5 works. There is not supposed to be a User-Password in the request - instead, a response to the MD5-Challenge the server sent out earlier. The *server* needs to know the user's password to verify this response. So putting the attribute User-Password in the request won't gain you anything, other than violating RFCs. The server will not look there. With EAP-MD5, the user's password is *never* on the wire. You want to configure the user's password in the server, for example in the users file. In 1.16 and later, you will want to use the name "Cleartext-Password" instead of User-Password for that - it reduces confusion. Stefan -- Stefan WINTER Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche Ingenieur Forschung & Entwicklung 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg E-Mail: [EMAIL PROTECTED] Tel.: +352 424409-1 http://www.restena.lu Fax: +352 422473 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- With Regards, Govardhana K N
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html