[RADIATOR] CISCO supplicant, unable to connect using PEAP

Gerard Alcorlo Bofill galcorlo at cesca.es
Mon Feb 15 06:08:03 CST 2010 

Hi Pascal,

thank you for your help. When I've read you'd solved the problem I
retried to change some options and when I've added  EAPTLS_PEAPVersion 0
to the outer authentication, it has worked perfectly.

I didn't start adding EAPTLS_PEAPBrokenV1Label, because I remembered I'd
tried this option before.

Thanks a lot!

--
Gerard


En/na Pascal Beauregard ha escrit:
> I Gerard,
> 
> We had the same issue in the past with Cisco 7921. We have solve this issue
> with the following option in the Handler that handles the outer
> authentication request.
> 
> EAPTLS_PEAPBrokenV1Label
> 
> 
> Pascal 
> 
> -----Message d'origine-----
> De : radiator-bounces at open.com.au [mailto:radiator-bounces at open.com.au] De
> la part de Gerard Alcorlo Bofill
> Envoyé : 12 février 2010 06:58
> À : radiator at open.com.au
> Objet : [RADIATOR] CISCO supplicant, unable to connect using PEAP
> 
> Hello,
> 
> I'm trying to authenticate a wireless phone Cisco 7925G with Radiator using
> PEAP but I don't have any success until now. I'm a bit confused because
> using the 7925G phone, Radiator answers me an Access-Accept but in the logs
> from AP I can see:
> %DOT11-7-AUTH_FAILED: Station 0023.3341.8656 Authentication failed
> 
> I can access the network using Windows XP (PEAP/MSCHAPv2) and also using
> wpa_supplicant from Ubuntu, but not the default Network Manager.
> 
> I've been reading,
> http://en.wikipedia.org/wiki/Protected_Extensible_Authentication_Protocol
> and I've understood that CISCO is using PEAPv1 instead of PEAPv0 from
> Microsoft. For this reason I decided to use the specific client from Cisco,
> "Cisco Secure Services Client" and tried with my laptop if I was able to
> connect. I couldn't do it. I had the same problem, Radiator accepted me but
> the laptop didn't like it and it retried to connecting forever.
> 
> I've also been reading Radiator Reference and I've understood that Radiator
> by default is using PEAPv1, however when I configure wpa_supplicant from
> Linux I have to force it to use PEAPv0. If I choose
> PEAPv1 I can't connect. A bit confusing, isn't it?
> 
> I'v tried to change, EAPTLS_PEAPVersion in Radiator without any success.
> 
> I'm using Radiator 4.2
> 
> Any idea?
> 
> Thanks
> 
> --
> Gerard
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
> 
>

More information about the radiator mailing list