A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Tue Apr 12 08:56:40 CDT 2016


>    Is there a paper somewhere which discusses EAP PEAP Challenges? I'm
>    debugging a new controller's access to radiator and finding that a working
>    auth requires 11 udp packets each way and I don't understand why. What
>    info is being passed?

documented in the RFC and on resources such as packetlife

identity request/response
set up of EAP - transfer of the server cert (and intermediates0
(that bit can be a couple more packets)
negotiation for PEAP
PEAP tunnel creation
MSCHAPv2 challenge-response

its a lof of stuff going on..... over UDP , with possible
interesting RADIUS interactions.

if you want something with less chat, EAP-TLS or EAP-PWD ...or event EAP-FAST
are the way to go.


More information about the radiator mailing list