[RADIATOR] EAP-PEAP Windows XP Wired Ethernet

Heikki Vatiainen hvn at open.com.au
Thu Dec 15 05:04:35 CST 2011


On 12/15/2011 06:18 AM, Indrajaya Pitra Perdana wrote:

> The problem still persist even i created my own certificate using the
> steps in mkcertificate.sh goodies , my windows didn't respon to the eap
> challenge sent by Radiator, do u have any clue on this? or perhaps the
> problem is within my 2950 catalyst ? thanks :-) 

You could try enabling debug for EAP authentication on the switch to see
how it reacts to EAP messages.

Meanwhile you could also try running wireshark on Windows to see if the
challenge with the certificate is sent by the switch to the XP box.

One thing you could try first is to use even lower value for
EAPTLS_MaxFragmentSize

The messages before certifcate are much smaller and so this challenge
would be the first that can reach the maximum size.

Thanks!

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.


More information about the radiator mailing list