[strongSwan] ikev2 eap-radius ttls pap

Thomas Will thomas.will at xinux.de
Mon Feb 9 12:00:05 CET 2015


i am playing around with radius and ldap ...

i configured 802.1x access inner-tunnel pap for my wlan-accesspoints

the choice to eap-ttls with pap was, because the crypt-format of the 
passwords was more flexible

it works fine ....

is it possible to uses strongswan with eap-ttls and pap?

is there an initiator_auth setting for the inner-tunnel?

i can't find a setting on the android client zu use pap?

the log show only mschap ...

[mschapv2] # Executing group from file /etc/freeradius/sites-enabled/default
[mschapv2] +- entering group MS-CHAP {...}
[mschap] No Cleartext-Password configured.  Cannot create LM-Password.
[mschap] No Cleartext-Password configured.  Cannot create NT-Password.
[mschap] Creating challenge hash with username: thomas.will
[mschap] Told to do MS-CHAPv2 for thomas.will with NT-Password
[mschap] FAILED: No NT/LM-Password.  Cannot perform authentication.
[mschap] FAILED: MS-CHAP2-Response is incorrect
++[mschap] returns reject


thomas will
- xinux e.K.- networking - security - consulting - training   -
- novell certified linux professional - lpi level 2 certified -
- fon 06332 44040  - fax 06332 899227  - mobil 0170 52 18 548  -
- 66482 zweibruecken - wichernstr. 18  - http://www.xinux.de  -
- Amtsgericht  -  Registergericht  -  Zweibruecken - HRA 1518 -

More information about the Users mailing list