[RADIATOR] TTLS and AuthbyLSA
Johnson, Neil M
neil-johnson at uiowa.edu
Mon Jan 10 09:48:42 CST 2011
Heikki,
TTLS-MSCHAPv2 works.
I was confused. I thought ttls-eap-mschapv2 was ttls-mschapv2.
Still, it would be nice to know why the inner identity is being found.
Thanks.
-Neil
--
Neil Johnson
Network Engineer
Information Technology Services
The University of Iowa
319 384-0938
neil-johnson at uiowa.edu
> -----Original Message-----
> From: Heikki Vatiainen [mailto:hvn at open.com.au]
> Sent: Monday, January 10, 2011 9:26 AM
> To: Johnson, Neil M
> Cc: Mike McCauley; radiator at open.com.au
> Subject: Re: [RADIATOR] TTLS and AuthbyLSA
>
> On 01/10/2011 05:02 PM, Johnson, Neil M wrote:
> > I'm using eapol_test from the wpa_supplicant sources.
>
> Can you try MSCHAPv2 instead of EAP-MSCHAPv2? If plain MSCHAPv2 runs in
> the TLS tunnel, then the User-Name attribute should be there too.
>
> Is there a specific reason why you are running EAP-MSCHAPv2?
>
> > My config file is:
> > #
> > # eapol_test -c ttls-eap-mschapv2.conf -a server -s secret
> > #
> > network={
> > ssid="example"
> > key_mgmt=WPA-EAP
> > eap=TTLS
> > identity="nmjoo"
> > anonymous_identity="nmjoo"
> > password="secret"
> > phase2="autheap=MSCHAPv2"
>
> phase2="auth=MSCHAPV2"
>
> > #
> > # Uncomment the following to perform server certificate validation.
> > # ca_cert = /etc/raddb/certs/ca.der
>
>
> --
> Heikki Vatiainen <hvn at open.com.au>
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
> DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
> NetWare etc.
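The distinction drawn in the reply above (plain MSCHAPv2 versus EAP-MSCHAPv2 inside the TTLS tunnel) can be seen in the tunneled AVPs themselves. The following Python sketch is an added example, not code from the thread or from Radiator: it builds and parses inner AVPs in the RFC 5281 layout and reports where the inner user name is carried. The payload bytes are constructed placeholders and the function names are hypothetical.

```python
import struct

USER_NAME, EAP_MESSAGE = 1, 79            # RADIUS attribute numbers reused as AVP codes
MS_VENDOR, MS_CHAP_CHALLENGE, MS_CHAP2_RESPONSE = 311, 11, 25   # Microsoft VSAs, RFC 2548
FLAG_VENDOR, FLAG_MANDATORY = 0x80, 0x40

def build_avp(code, data, vendor=None):
    # AVP = code(4) | flags(1) | length(3) | [vendor-id(4)] | data | pad to 4 bytes
    flags = FLAG_MANDATORY | (FLAG_VENDOR if vendor else 0)
    body = (struct.pack("!I", vendor) if vendor else b"") + data
    length = 8 + len(body)                # length excludes the trailing padding
    head = struct.pack("!IB", code, flags) + length.to_bytes(3, "big")
    return head + body + b"\x00" * (-length % 4)

def parse_avps(buf):
    # Returns a list of (vendor_or_None, code, data); rejects malformed lengths.
    avps, off = [], 0
    while off < len(buf):
        if len(buf) - off < 8:
            raise ValueError("truncated AVP header")
        code, flags = struct.unpack_from("!IB", buf, off)
        length = int.from_bytes(buf[off + 5:off + 8], "big")
        hdr = 12 if flags & FLAG_VENDOR else 8
        if length < hdr or off + length > len(buf):
            raise ValueError("bad AVP length")
        vendor = struct.unpack_from("!I", buf, off + 8)[0] if flags & FLAG_VENDOR else None
        avps.append((vendor, code, buf[off + hdr:off + length]))
        off += length + (-length % 4)
    return avps

def inner_identity(avps):
    """Return (carrier, identity) describing where the inner user name sits."""
    for vendor, code, data in avps:
        if vendor is None and code == USER_NAME:
            return ("User-Name AVP", data.decode())
        if vendor is None and code == EAP_MESSAGE and len(data) >= 5:
            eap_code, _ident, eap_len, eap_type = struct.unpack_from("!BBHB", data)
            if eap_code == 2 and eap_type == 1:       # EAP-Response / Identity
                return ("EAP-Response/Identity", data[5:eap_len].decode())
    return (None, None)

# Constructed sample payloads (zero bytes stand in for challenge/response values).
PLAIN_MSCHAPV2 = (build_avp(USER_NAME, b"nmjoo")
                  + build_avp(MS_CHAP_CHALLENGE, bytes(16), MS_VENDOR)
                  + build_avp(MS_CHAP2_RESPONSE, bytes(50), MS_VENDOR))
EAP_IDENTITY = struct.pack("!BBHB", 2, 0, 5 + len(b"nmjoo"), 1) + b"nmjoo"
TUNNELED_EAP = build_avp(EAP_MESSAGE, EAP_IDENTITY)
```

With `phase2="auth=MSCHAPV2"` the name travels as a User-Name AVP; with `phase2="autheap=MSCHAPV2"` the first tunneled message holds only an EAP-Message AVP, and the name is inside its EAP-Response/Identity.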