(RADIATOR) Anyone get EAP-PEAP on XP to work Radius?
Christian Wiedmann
cw_radiator at wiedmann.org
Fri Mar 7 15:03:12 CST 2003
Your settings sound fine. I have PEAP authentication working with the same
setup on XP Home (SP1). I don't think that it matters whether the authenticate
as computer or authenticate as guest boxes are checked (except that obviously
it's going to fail to authenticate if you don't have them configured in
Radiator).
Are you sure you're getting a TLS tunnel? The TLS tunnel isn't established
until the first identity exchange, which normally only happens after you enter
information in the login window. If you actually are getting to the TLS stage,
Windows must have credentials from somewhere - double check the MSCHAP-V2
settings to make sure it isn't using your Windows login information.
What AP are you using? If it is a Linksys WRT51AB or similar, I've discovered
that the AP requires a State attribute to be in the Radius replies. I've
modified my version of Radiator to add one. I'm not sure if there is a cfg-
file way of doing this -- I actually modified the perl code.
-Christian
On Fri, 7 Mar 2003, John McFadden wrote:
> Date: Fri, 07 Mar 2003 14:16:44 -0500
> From: John McFadden <dasjlm at uwo.ca>
> To: radiator at open.com.au
> Subject: (RADIATOR) Anyone get EAP-PEAP on XP to work Radius?
>
> I installed lastest Service Pack on XP to get the built in 802.1x client
> but can't seem to get it to
> authenticate via Radius. It appears that I get a TLS tunnel but never
> get a logon popup on XP.
>
> I believe it is some kind of setup issue on XP not Radiator so I just
> would like to
> verify my XP setup before getting into Radiator.
>
> I started the Wireless Zero Config service.
>
> I clicked on the applicable connection and it's property button.
>
> In the authentication tab (confirms the Wireless Zero Config installed
> and running.)
> -I clicked on Enable IEEE802.1x
> -I selected Protected EAP (PEAP)
> -I left off Authenticate as computer
> -I left off Authenticate as guest
>
>
> In the peap properties tabe.
> -I left off validate server certficate - I assume not required for
> EAP-PEAP? Is this my problem?
> -I selected EAP-MSCHAPV2 as authentication method.
>
> In the EAP-MSCHAPV2 properities I left off the use Windows userid,
> password and domain.
>
> Can someone comment confirm this setup should work?
>
>
>
> Thanks in advance.
>
> John McFadden
>
>
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list