(RADIATOR) PEAP-MSCHAPv2 don't assign WEP key

Mike McCauley mikem at open.com.au
Sat Sep 4 02:59:33 CDT 2004 

Hello Jan,


I think the problem is that this in your Radiator config:

       AllowInReply            Tunnel-Private-Group-ID

is stripping out the MPPE keys in the reply.

I can see that the ordering of the code could cause this behaviour to be 
unexpected, therefore we have made a change so that AllowInReply wont strip 
out the MPPE keys in future. A new patch is available to fix that.

Cheers.
    

On Saturday 04 September 2004 23:55, Jan Tomasek wrote:
> Hello again,
> I've another problem I have to resolve. If I corectly understand to M$
> Windows XP, only method it can use is PEAP-MSCHAPv2. Till now I was
> thinking that this method doesn't support dynamic WEP keys, but it seam I
> was wrong. I successuly tested it at locality where they are using
> FreeRadius. Our Radiator successfuly verify users identity but don't assign
> WEP key :(
>
> Testing was done with XSupplicant v1.0 from my notebook. I attach
> typescript of that sessions. Radiator supports PEAPv1 and v0 I tested both
> of them with no success. I also attached log files from radiator from both
> experiemnts. Radiator configuration file is also attached.
>
> I need this fix during next week. I will be out of office so it doesn't
> hurry.
>
> Another problem which belongs to this, is question about that
> "UsernameMatchesWithoutRealm" option to LDAP auth module which was discused
> in thread "Should be EAP-TTLS working with inner authentication
> MSCHAPV2??". Did Martin Burton sent you patch? How is going it's
> integration to Radiator?
>
> Best regards

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list