This is on a samba domain Phil as per the cool solutions article I mentioned in an earlier post. I am looking into my Aruba settings now for termination Mark
>>> Phil Mayers <p.may...@imperial.ac.uk> 5/19/2011 1:58 AM >>> > User-Name = "host/TECH-11501" Machines which are in the domain normally have this as: host/name.domain.com i.e. there is a "domain.com" at the end of the name. The absence of that suggests to me that the machine is not a domain member. Is that the case? If so, it cannot do machine auth. > Calling-Station-Id = "00265EE9B2CA" > Called-Station-Id = "000B86611894" > MS-CHAP-Challenge = 0x5551e00f40ce355de8053dbc2f64b5dd > MS-CHAP2-Response = > 0x0700226e95f1d0ae4efe8f381fd3714c7b0f0000000000000000904f33f5941ab6017f433da0f45438dc665447e9d6510a2d > Service-Type = Login-User > Aruba-Essid-Name = "HPSD_RAD2" > Aruba-Location-Id = "Tech 01" Great. More Aruba, probably terminating the PEAP locally. What a junky product. See other posts on the list in the past few days - you should DISABLE "terminate PEAP" (or whatever the option is) on your Aruba equipment, and let it do the EAP/PEAP. > +- entering group MS-CHAP {...} > [mschap] Creating challenge hash with username: host/TECH-11501 > [mschap] Told to do MS-CHAPv2 for host/TECH-11501 with NT-Password > [mschap] FAILED: MS-CHAP2-Response is incorrect Hmm. Indicating the password is not correct or the EAP has been fiddled with. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html This communication is intended for the use of the recipient to which it is addressed and may contain confidential, personal and/or privileged information. If you received this e-mail in error, please advise me (by return e-mail or otherwise) immediately.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html