On 05/09/2011 10:55 PM, Gary Gatten wrote:
Exec-Program output: Logon failure (0xc000006d) Exec-Program-Wait: plaintext: Logon failure (0xc000006d) Exec-Program: returned: 1 [mschap] External script failed. [mschap] FAILED: MS-CHAP2-Response is incorrect ++[mschap] returns reject
You've trimmed the debug output, so we can't see what the problem is. Don't do that.
In the PEAP properties, EAP-MSCHAP v2, if you DISABLE “automatically use my windows logon name and password” and instead enter the credentials manually it works.
Are the machines domain members?
I should note, it appears the Aruba gear is terminating the PEAP – FR only sees an MSCHAP request.
DEFINITELY don't do that! Is it passing the PEAP inner as EAP-MSCHAPv2 or plain MS-CHAPv2? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html