(RADIATOR) PEAP and Filter-ID
Kawakubo, Ken
kkawakub at fhcrc.org
Thu Jan 20 15:45:59 CST 2005
Hum,
I had exactly the same problem when I moved from Microsoft IAS2003 to
Radiator to authenticate PEAP-MSCHAPv2 requests from MacOSX 10.3 Internet
Connect clients. Internet Connect client on MacOSX 10.3 (which can use TTLS,
LEAP, as well as PEAP) stopped working with PEAP. Even though the client
announced that PEAP authentication was successful, an valid IP address was
never assigned. It turned out that the PEAP client on MacOSX 10.3 uses a
slightly different variety of PEAP. Microsoft IAS2003 was happy to accept
this variety of PEAP but Radiator was not. I had to specify
"EAPTLS_PEAPVersion 0" in Radiator configuration for it to authenticate all
PEAP varieties correctly.
Ken Kawakubo
FHCRC
-----Original Message-----
From: Berndt Sevcik [mailto:berndt.sevcik at tgm.ac.at]
Sent: Thursday, January 20, 2005 1:03 PM
To: Radiator MailingList
Subject: Re: (RADIATOR) PEAP and Filter-ID
I already tried this line. The same result as without. The funny thing
is that the Radiator server answers with an Access Request. Also when I
take a look at the supplicant list from the access point the client is
listed as authenticated. And what I dont understand is that also MAC OS
says that the client has sucessfully authenticated. But communication
is not working. When I change to authentication method to TTLS the
communication is working without any problem.
Thanks
Berndt
Am 20.01.2005 um 20:26 schrieb Heikki Vatiainen:
> Berndt Sevcik wrote:
>
>> Some idea about it? Is someone using MAC OS and PEAP? Has someone
>> tipps for the config?
>
> Please see if adding this into your configuration helps:
> EAPTLS_PEAPVersion 0
>
> I have used Mac OS X 10.3.x against Radiator with success. Sorry about
> being so brief, but I just got home and need some rest. If it still
> does not work, I can take a better look at our configuration later.
>
> --
> Heikki Vatiainen, Arch Red Oy
> +358 44 087 6547
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with 'unsubscribe
> radiator' in the body of the message.
>
>
-----------------------------------------
TGM - Die Schule der Technik
IT-Service
A-1200 Wien, Wexstr. 19-23
Tel. +43(1)33126/316 Fax: +43(1)33126/154
E-Mail: berndt.sevcik at tgm.ac.at
-----------------------------------------
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list