MS 2008 NPS and PEAP/MSCHAPv2 - wpa_supplicant not connecting

Jouni Malinen j at w1.fi
Sat Mar 30 13:57:48 EDT 2013


On Fri, Mar 22, 2013 at 08:08:05PM +0000, Gulick Tom-WPD384 wrote:
> >From Wireshark we see:
> The server sends a TLSv1 message with:  Server Hello, Certificate, Certificate-Request, and Server Hello Done
> Supplicant responds with Certificate, Client Key Exchange, Change Cipher Spec, and Encrypted Handshake
> Server resends the first message and then DEAUTH's the supplicant with the reason being "802.1x failed".
> 
> What seems different between MS 2008 NPS and the others is its sending  Certificate-Request. The others do not have it.
> Supplicant does respond but with Cert but what looks like a zero length certificate.

Which TLS library are you using in this wpa_supplicant build? Is the
server configured to try to use client certificate with PEAP?

-- 
Jouni Malinen                                            PGP id EFC895FA


More information about the HostAP mailing list