Hello Dinko, Wednesday, May 26, 2004, 11:14:51 PM, you wrote:
DK> Hi. I've been using FreeRadius recent CVS version to authenticate DK> wireless Windows XP/2k users via EAP and Cisco AP1000 series. I've so DK> far suceeded in EAP/TLS and EAP/TTLS, as well as with non-EAP modules DK> (PAP and CHAP) just to test if it is all properly setup. DK> However, I'm failing with EAP/PEAP. Certificates are fine (as stated DK> above), however MS-CHAPv2 (rlm_mschap) seems to be causing problems: DK> rlm_eap: Request found, released from the list DK> rlm_eap: EAP/mschapv2 DK> rlm_eap: processing type mschapv2 DK> Processing the authenticate section of radiusd.conf DK> modcall: entering group Auth-Type for request 6 Hi. Don't use md5 or any other hashing protocol creating mysql passwords. You will not be able to authenticate incoming MS-CHAPv2 connections (already encrypted). DK> rlm_mschap: Told to do MS-CHAPv2 for test with NT-Password DK> rlm_mschap: FAILED: MS-CHAP2-Response is incorrect DK> Passwords are stored in MySQL, but they're proven to be read correctly DK> (and I've tried with users file too). DK> I've read this list archives throughly, and I've tried most of the stuff DK> people were reporting. Is there anything else I could check? Should I DK> try with NT-hashed passwords? Should I try with auth_ntlm to debug chap DK> responses? DK> TIA. -- Best regards, M.Jessa mailto:[EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html