Heikki, TTLS-MSCHAPv2 works.
I was confused. I thought ttls-eap-mscahpv2 was ttls-mschapv2. Still, it be nice to know why the inner identity is being found. Thanks. -Neil -- Neil Johnson Network Engineer Information Technology Services The University of Iowa 319 384-0938 neil-john...@uiowa.edu > -----Original Message----- > From: Heikki Vatiainen [mailto:h...@open.com.au] > Sent: Monday, January 10, 2011 9:26 AM > To: Johnson, Neil M > Cc: Mike McCauley; radiator@open.com.au > Subject: Re: [RADIATOR] TTLS and AuthbyLSA > > On 01/10/2011 05:02 PM, Johnson, Neil M wrote: > > I'm using eapol_test from the wpa_supplicant sources. > > Can you try MSCHAPv2 instead of EAP-MSCHAPv2? If plain MSCHAPv2 runs in > the TLS tunnel, then the User-Name attribute should be there too. > > Is there a specific reason why you are running EAP-MSCHAPv2? > > > My config file is: > > # > > # eapol_test -c ttls-eap-mschapv2.conf -a server -s secret > > # > > network={ > > ssid="example" > > key_mgmt=WPA-EAP > > eap=TTLS > > identity="nmjoo" > > anonymous_identity="nmjoo" > > password="secret" > > phase2="autheap=MSCHAPv2" > > phase2="auth=MSCHAPV2" > > > # > > # Uncomment the following to perform server certificate > validation. > > # ca_cert = /etc/raddb/certs/ca.der > > > -- > Heikki Vatiainen <h...@open.com.au> > > Radiator: the most portable, flexible and configurable RADIUS server > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, > Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, > TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, > DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, > NetWare etc. _______________________________________________ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
