hostapd 1.3.5, madwifi, internal EAP-PEAP/MSCHAPv2 w/ WinXP supplicant

Coert Vonk coert.vonk
Sun Feb 6 21:39:54 PST 2005 

Thanks, this got me a step further

It now appears to disagree during MSCHAPV2

I included the updated config and users file.  Sometimes it appears to
be looking for the username without the PC name, and other times it
includes the PC name.  I added both to the users file to be sure.

thanks for the help
Coert

On Sun, 6 Feb 2005 15:48:17 -0800, Jouni Malinen <jkmaline at cc.hut.fi> wrote:
> On Sun, Feb 06, 2005 at 01:57:32PM -0800, Coert Vonk wrote:
> 
> > Thanks for the reply.  Attached are the configuration files and log.
> > Sorry for the delay.  My initial reply bounced because the email
> > exceeded 25kB.  This time the log file is compressed (use gunzip to
> > uncompress).
> 
> Thanks.
> 
> It looks like you have configured the phase 2 authentication to use MD5,
> but the Windows XP supplicant does not support this. Please re-test
> after replacing MD5 with MSCHAPV2 in hostapd.eap_user.
> 
> In hostapd log, you can see this failure in negotiation for phase 2 EAP
> method:
> 
> hostapd tries MD5:
> 
> EAP-Identity: Peer identity - hexdump_ascii(len=15):
>      43 52 4f 58 5c 43 6f 65 72 74 20 56 6f 6e 6b      CROX\Coert Vonk
> EAP-PEAP: PHASE2_ID -> PHASE2_METHOD
> EAP-PEAP: try EAP type 4
> 
> client does not support it, asks for MSCHAPv2:
> 
> EAP-PEAP: received Phase 2: code=2 identifier=108 length=6
> EAP-PEAP: Phase2 type Nak'ed; allowed types - hexdump(len=1): 1a
> EAP: processing NAK (current EAP method index 1)
> 
> hostapd was configured not to allow MSCHAPv2 so it rejects
> authentication (not very clear from the debug log, but that is what is
> happening here):
> 
> EAP: list of methods supported by the peer - hexdump(len=1): 1a
> EAP: new list of configured methods - hexdump(len=8): 04 00 00 00 00 00 00 00
> EAP-PEAP: PHASE2_METHOD -> PHASE2_TLV
> 
> client acknowledges this:
> 
> EAP-TLV: Result TLV - hexdump(len=2): 00 02
> EAP-TLV: TLV Result - Failure - requested Failure
> 
> --
> Jouni Malinen                                            PGP id EFC895FA
> _______________________________________________
> HostAP mailing list
> HostAP at shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: log.gz
Type: application/x-gzip
Size: 6775 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050206/dbbe3418/attachment.bin 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: hostapd.conf
Type: application/octet-stream
Size: 660 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050206/dbbe3418/attachment.obj 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: hostapd.eap_user
Type: application/octet-stream
Size: 212 bytes
Desc: not available
Url : http://lists.shmoo.com/pipermail/hostap/attachments/20050206/dbbe3418/attachment-0001.obj

More information about the Hostap mailing list