[RADIATOR] TTLS with inner MSCHAPv2 vs. inner EAP-MSCHAPv2

2015-06-09 Thread Christian Kratzer
Hi, we are having an issue with authenticating TTLS when the supplicant uses plain MSCHAPv2 instead of EAP-MSCHAPv2 1. Testing with eapoltest and following config in eapol_test: - eap=TTLS phase2="auth=MSCHAPV2" produces foll

Re: [RADIATOR] TTLS with inner MSCHAPv2 vs. inner EAP-MSCHAPv2

2015-06-09 Thread Heikki Vatiainen
On 9.6.2015 12.44, Christian Kratzer wrote: > we are having an issue with authenticating TTLS when the supplicant uses > plain MSCHAPv2 instead of EAP-MSCHAPv2 > > 1. Testing with eapoltest and following config in eapol_test: > - > >

Re: [RADIATOR] TTLS with inner MSCHAPv2 vs. inner EAP-MSCHAPv2

2015-06-09 Thread Christian Kratzer
Hi, On Tue, 9 Jun 2015, Heikki Vatiainen wrote: > It should now return accept or reject, not a challenge. If it accepts, > it will tunnel MS-CHAP2-Success back to the client with the accept. this seems to lead to the problem in our setup. We have following structure in the inner handler with a

Re: [RADIATOR] TTLS with inner MSCHAPv2 vs. inner EAP-MSCHAPv2

2015-06-09 Thread Heikki Vatiainen
On 9.6.2015 15.05, Christian Kratzer wrote: > On Tue, 9 Jun 2015, Heikki Vatiainen wrote: > >> It should now return accept or reject, not a challenge. If it accepts, >> it will tunnel MS-CHAP2-Success back to the client with the accept. > > this seems to lead to the problem in our setup. > > We h

Re: [RADIATOR] TTLS with inner MSCHAPv2 vs. inner EAP-MSCHAPv2

2015-06-09 Thread Christian Kratzer
Hi, On Tue, 9 Jun 2015, Heikki Vatiainen wrote: > On 9.6.2015 15.05, Christian Kratzer wrote: > >> On Tue, 9 Jun 2015, Heikki Vatiainen wrote: >> >>> It should now return accept or reject, not a challenge. If it accepts, >>> it will tunnel MS-CHAP2-Success back to the client with the accept. >> >

Re: [RADIATOR] TTLS with inner MSCHAPv2 vs. inner EAP-MSCHAPv2

2015-06-09 Thread Heikki Vatiainen
On 9.6.2015 15.18, Christian Kratzer wrote: > yes that would help separate the cases but I would still need to solve > the non eap case, i.e. how to ignore SQLauthorize while SQLauthenticate > is challenging the client. Would something like this work for plain > MSCHAPv2 ? > > ContinueUntilCh

Re: [RADIATOR] TTLS with inner MSCHAPv2 vs. inner EAP-MSCHAPv2

2015-06-09 Thread Christian Kratzer
Hi, On Tue, 9 Jun 2015, Heikki Vatiainen wrote: > On 9.6.2015 15.18, Christian Kratzer wrote: > >> yes that would help separate the cases but I would still need to solve >> the non eap case, i.e. how to ignore SQLauthorize while SQLauthenticate >> is challenging the client. Would something like th