Phase 2 on PEAP and EAP-TTLS
aland at deployingradius.com
Thu Nov 18 11:17:49 EST 2010
Panagiotis Georgopoulos wrote:
> Well, that is the problem I am having.. I see different behaviour on the
> FR's side when using PEAP/MSCHAPv2 and EAP-TTLS/EAP-MSCHAPv2 in Phase 2. I
> am noticing two pairs of MS-MPEE keys in the Access-Accept message sent by
> FR (see below) when I am using EAP-TTLS/EAP-MSCHAPv2 which I don't have when
> I use PEAP/MSCHAPv2...
I don't recall seeing that problem in my config. So...
> So, I am trying to investigate why I am getting 2 MS-MPEE keys on
> EAP-TTLS/EAP-MSCHAPv2 and not on PEAP/MSCHAPv2 although theoretically they
> follow the same (or very similar) process...
You can configure FreeRADIUS to filter the extra attributes. This
isn't a problem with wpasupplicant.
More information about the HostAP