EAP-PEAP/EAP-MSCHAPv2 authentication with extra frames

Nickolay Belchugov belchugov
Tue Sep 3 07:34:53 PDT 2013

Hi all,

My fault! It is all part of the algorithm. In fact, I was comparing
EAP-TTLS/EAP-MSCHAPv2 and PEAP/EAP-MSCHAPv2 when I saw that PEAP has more
packets transmitted. Thus, I thought it is a bug, because in all articles
it is explained that both authentication protocols are quite similar.


On 3 September 2013 11:20, Nickolay Belchugov <belchugov at gmail.com> wrote:

> Hi all,
> I am comparing several EAP authentication protocols and I found out when
> authenticating with EAP-PEAP/EAP-MSCHAPv2 some extra frames were
> transmitted during the second phase of authentication(When supplicant is
> authenticated). In fact extra 4 frames were transmitted which is equivalent
> to an EAP-MSCHAPv2 process. Thus, I suppose the second phase is repeated.
> But, in the end, there is successful authentication, of course.
> Here's my network configuration:
> Supplicant[wpa_supplicant 1.0/2.0]<---emulated 802.11a
> network-->Authenticator[hostapd]<---linux bridge-->Authentication
> Server[freeradius 2.1.12]
> So have you ever noticed this issue?
> Cheers,
> Nicko

Nickolay Belchugov
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.shmoo.com/pipermail/hostap/attachments/20130903/c244b6c4/attachment.htm>

More information about the Hostap mailing list