Hi Jake, The only light I can shed on my issue is a tale of self-inflected aggravation. It seems I was using the wrong XP supplicant, hence the wrong root certificate, and this oversight prevented the TLS tunnel from coming up. I got a good FreeRadius log for PEAP-MS-Chapv2 on the internet a went through it line by line, comparing it to my log, until I noticed that the TLS tunnel never came up in my setup. It was then I realized my error and fixed.
Regards, John -----Original Message----- From: freeradius-users-bounces+jhanavan=avaya....@lists.freeradius.org [mailto:freeradius-users-bounces+jhanavan=avaya....@lists.freeradius.org] On Behalf Of Sallee, Stephen (Jake) Sent: Wednesday, January 19, 2011 8:51 PM To: FreeRadius users mailing list Subject: RE: Issue with local authentication of MS-ChapV2 Glad to hear you solved it, care to share so we can all benefit ? Jake Sallee Godfather Of Bandwidth Network Engineer Fone: 254-295-4658 Phax: 254-295-4221 From: freeradius-users-bounces+jake.sallee=umhb....@lists.freeradius.org [mailto:freeradius-users-bounces+jake.sallee=umhb....@lists.freeradius.org] On Behalf Of Hanavan, John (John) Sent: Wednesday, January 19, 2011 6:18 PM To: 'FreeRadius users mailing list' Subject: RE: Issue with local authentication of MS-ChapV2 Hi All, We solved the issue in house. Regards, John -----Original Message----- From: freeradius-users-bounces+jhanavan=avaya....@lists.freeradius.org [mailto:freeradius-users-bounces+jhanavan=avaya....@lists.freeradius.org] On Behalf Of Hanavan, John (John) Sent: Wednesday, January 19, 2011 3:56 PM To: 'freeradius-users@lists.freeradius.org' Subject: Issue with local authentication of MS-ChapV2 I am trying to get PEAP/MS-ChapV2 working on my Radius Server. The version I am using is FreeRadius 2.1.8. I already have EAP-TLS working between a FreeRadius Server and an XP supplicant, so I am pretty sure that my certificates are configured correctly on the FreeRadius Server as well as the XP supplicant that I am trying to configure PEAP/MS-ChapV2 on. I have attached the FreeRadius debug log from one of my attempted connections. It appears that the EAP-TLS tunnel comes up but the MS-ChapV2 authentication fails. I did see this warning: Warning: Found 2 auth-types on request for user 'jsmith1' But I am uncertain what it means and how to correct it. As stated earlier, I am trying to use local authentication for the MS-ChapV2 and this seems to be the point of failure. I have a packet capture between the Radius Server and the authenticator showing Radius Access Challenges and Requests but no Access Accepts. Not sure what I have mis-configured, so any suggestions would be greatly appreciated. Regards, John
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html