EAP - access request from hostapd to radiusd

Jouni Malinen jkmaline at cc.hut.fi
Sun Jul 25 10:41:07 EDT 2004


On Sun, Jul 25, 2004 at 02:00:43PM +0200, Karl Rothenhöfer wrote:

> from what I can see hostapd sends an access request to radiusd without the
> parameter
> Attribute 2 User-Password
> Consequently Radiusserver rejects authentication.

The first part is correct (and reason for it is that IEEE 802.1X uses
EAP, not CHAP etc.), but the conclusion is not. That should have been:
"Consequently RADIUS server must be configured for EAP authentication."
There is no User-Password attribute in RADIUS messages carrying EAP. The
authentication is done using EAP-Message attributes (i.e., within EAP).

-- 
Jouni Malinen                                            PGP id EFC895FA



More information about the HostAP mailing list