Check some basic stuff too. Make sure your radius user can run ntlm_auth. Sent from Verizon Wireless
-----Original Message----- From: Phil Mayers <p.may...@imperial.ac.uk> Sender: freeradius-users-bounces+ironrake=yahoo....@lists.freeradius.org Date: Tue, 10 May 2011 09:55:54 To: <freeradius-users@lists.freeradius.org> Reply-To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Subject: Re: PEAP/MSCHAPv2 failing with Windows 7 On 05/09/2011 10:55 PM, Gary Gatten wrote: > > Exec-Program output: Logon failure (0xc000006d) > > Exec-Program-Wait: plaintext: Logon failure (0xc000006d) > > Exec-Program: returned: 1 > > [mschap] External script failed. > > [mschap] FAILED: MS-CHAP2-Response is incorrect > > ++[mschap] returns reject You've trimmed the debug output, so we can't see what the problem is. Don't do that. > In the PEAP properties, EAP-MSCHAP v2, if you DISABLE “automatically use > my windows logon name and password” and instead enter the credentials > manually it works. Are the machines domain members? > I should note, it appears the Aruba gear is terminating the PEAP – FR > only sees an MSCHAP request. DEFINITELY don't do that! Is it passing the PEAP inner as EAP-MSCHAPv2 or plain MS-CHAPv2? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html