It is normal - EAP-TTLS: received 0 bytes encrypted data for Phase 2?
Jouni Malinen
jkmaline
Mon Jun 26 21:46:27 PDT 2006
On Mon, Jun 26, 2006 at 09:31:12PM -0700, Andrew wrote:
> I checked your configuration for the username /password on the Radius
> server. I had double quote "" over the username, so I remove the quote,
> but got the same result. Then I tried adding "Auth-Type := MS-CHAP,",
> which I don't have that previously, but with that it fails at even
> earlier stage - It did not even start TLS handshake, and failed with
> "module "mschap" returns reject for request 0". Do I need to have
> "Auth-Type := MS-CHAP," in my users file?
Are you using anymous identity in the first authentication phase? I'm
doing that and the Auth-Type := MS-CHAP is only matching for the second
phase (tunneled authentication). You should not set Auth-Type to MS-CHAP
for the first phase authentication, so use of "anonymous" as
anonymous_identity may be the best way of getting this to work.
--
Jouni Malinen PGP id EFC895FA
More information about the Hostap
mailing list