Help with EAP-TTLS/EAP-MD5 & PEAP/MSCHAPv2

Ivan Sanchez Valencia isanchez at piltrafa.dhis.org
Mon Jul 5 06:12:22 EDT 2004


I'm trying to configure PEAP/MSCHAPv2 too, and I got the same results:
...
Mon Jul  5 12:08:23 2004 : Info: rlm_eap_mschapv2: Issuing Challenge
Mon Jul  5 12:08:23 2004 : Auth: Login incorrect: [user/<no User-Password attribute>] (from client localhost port 0)
...

I'm doing something wrong and I don't know what. Or freeRADIUS don't catch the User-Password or wpa_supplicant doesn't
send it...

for PEAP/MSCHAPv2...

network={
        ssid="maia"
        key_mgmt=WPA-EAP
        eap=PEAP
        identity="user"
        anonymous_identity="anonimo"
        password="secret"
        ca_cert="/etc/cert/root.ca"
        phase2="auth=MSCHAPV2"
}

and for TTLS/MD5...

network={
        ssid="maia"
        key_mgmt=WPA-EAP
        eap=TTLS
        identity="user"
        anonymous_identity="anonimo"
        password="secret"
        ca_cert="/etc/cert/root.ca"
}

getting the same error that I said before.

Ivan.

On Sun, 4 Jul 2004 23:31:49 +0200, Ivan Sanchez Valencia wrote
> On Sun, 4 Jul 2004 13:40:17 -0700, Jouni Malinen wrote
> > > > > anonimo  Auth-Type := EAP
> > > > > user     Auth-Type := Local, User-Password == "secret"
> > 
> > > I have this now:
> > > user    Auth-Type := EAP
> > 
> > Why did you remove the password? That should be
> > 
> > user	Auth-Type := EAP, User-Password == "secret"
> 
> I put correctly the user and I continue having the message:
> 
> ...
> Sun Jul  4 23:23:18 2004 : Info: rlm_eap_md5: Issuing Challenge
> Sun Jul  4 23:23:18 2004 : Auth: Login incorrect: [user/<no User-Password attribute>] (from client localhost port 0)
> Sun Jul  4 23:23:18 2004 : Auth: Login incorrect: [anonimo/<no User-Password attribute>] (from client machine.domain.com
> port 1 cli XX-XX-XX-XX-XX-XX)
> ...
> 
> and finally:
> 
> Jul  4 23:27:51 ap hostapd: wlan0: STA 00:90:d1:08:58:e1 IEEE 802.1X: authentication failed
> 
> In wpa_supplicant.conf I have:
> 
> network={
>         ssid="net"
>         key_mgmt=WPA-EAP
>         eap=TTLS
>         anonymous_identity="anonimo"
>         ca_cert="/etc/cert/root.ca"
>         identity="user"
>         password="secret"
> }
> 
> It's correct? Why it doesn't send the User-Password attribute?
> 
> --
> 
>                "I didn't know it was impossible when I did it."
> 
>         ---------------------------------------------------------------
>          Iván Sánchez Valencia
>          Email: isanchez at piltrafa.dhis.org
>          PGP public key: http://www.piltrafa.dhis.org/pubkey.asc
>         ---------------------------------------------------------------
> 
> _______________________________________________
> HostAP mailing list
> HostAP at shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap


--

               "I didn't know it was impossible when I did it."

        ---------------------------------------------------------------
         Iván Sánchez Valencia
         Email: isanchez at piltrafa.dhis.org
         PGP public key: http://www.piltrafa.dhis.org/pubkey.asc
        ---------------------------------------------------------------




More information about the HostAP mailing list