On Mon, 2009-04-13 at 22:20 +0100, Ivan Kalik wrote: > > using the ca.der and caclient.p12 (using Ivan's newer script for > generating) for TLS > > That was for 2.0.5. 2.1.x has updated Makefile by default. > > >Below is radiusd -X log with one failed attempt and it just seems as if the > eap challenges go out but responses never come back. > > [ldap] checking if remote access for spare is allowed by uid [ldap] Added > User-Password = {crypt}$OBSCURED in check items [ldap] looking for check > items in directory... > rlm_ldap: sambaNtPassword -> NT-Password == 0x$OBSCURED > rlm_ldap: sambaLmPassword -> LM-Password == 0x$OBSCURED > ... > [eap] processing type md5 > rlm_eap_md5: Issuing Challenge > ... > > No wonder. You are using crypt and nt hased passwords for EAP-MD5. That > can't work. > > http://deployingradius.com/documents/protocols/compatibility.html ---- I'm working...at least on Macintosh. I'll drag in my Windows laptop tomorrow to see if I can make either the standard WinXP SP3 supplicant work now and I've also got the S2ecure TTLS software.
Thanks, that was a helpful clue. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html