EAP-PEAP/EAP-MSCHAPv2 authentication with extra frames

Nickolay Belchugov belchugov at gmail.com
Tue Sep 3 10:34:53 EDT 2013


Hi all,

My fault! It is all part of the algorithm. In fact, I was comparing
EAP-TTLS/EAP-MSCHAPv2 and PEAP/EAP-MSCHAPv2 when I saw that PEAP has more
packets transmitted. Thus, I thought it is a bug, because in all articles
it is explained that both authentication protocols are quite similar.
Anyway.

Cheers,
Nicko




On 3 September 2013 11:20, Nickolay Belchugov <belchugov at gmail.com> wrote:

> Hi all,
>
> I am comparing several EAP authentication protocols and I found out when
> authenticating with EAP-PEAP/EAP-MSCHAPv2 some extra frames were
> transmitted during the second phase of authentication(When supplicant is
> authenticated). In fact extra 4 frames were transmitted which is equivalent
> to an EAP-MSCHAPv2 process. Thus, I suppose the second phase is repeated.
> But, in the end, there is successful authentication, of course.
>
> Here's my network configuration:
>
> Supplicant[wpa_supplicant 1.0/2.0]<---emulated 802.11a
> network-->Authenticator[hostapd]<---linux bridge-->Authentication
> Server[freeradius 2.1.12]
>
> So have you ever noticed this issue?
>
> Cheers,
> Nicko
>



-- 
Поздрави/Regards/Cordialement,
Nickolay Belchugov
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.shmoo.com/pipermail/hostap/attachments/20130903/c244b6c4/attachment.htm>


More information about the HostAP mailing list