Freeradius + WPA2 + Windows Client
Fajar A. Nugraha
fajar at fajar.net
Thu Aug 19 12:13:32 CEST 2010
On Thu, Aug 19, 2010 at 3:42 PM, rrperez <rrperez at apc.edu.ph> wrote:
> Sorry for the inconvenience Alan, I'm just a student and currently
> studying/exploring radius servers.
You seem to be selectively ignoring some sugesstions though. It's fine
if you REALLY know what you're doing, but this does not seem to be the
> Now I changed all the configuration back to default and make the some
> configuration to make ldap works.
> Here is the debug and it is quite different from the previous one:
Here's some things you need to take note of:
(1) If you configure clients to use PEAPv0/EAP-MSCHAPv2 (or sometimes
refered to as PEAP only), it does not supply plain-text/cleartext
(2) authenticating to Lotus Domino requires that you supply plain-text
password, since Lotus stores password using some propietary
(3) One of the EAP methods that can send plain-text password is
PEAP-GTC (others on this list have suggested TTLS-PAP)
(4) Windows by itself does not support PEAP-GTC or TTLS-PAP
(5) Thus, you need third-party supplicant to have Windows be able to
use EAP methods which sends cleartext password.
Does this make sense so far?
Have you use any third-party supplicant and configure them to do
either PEAP-GTC or TTLS-PAP? If yes, the password that you typed when
authenticating should show up in the debug log (which doesn't seem to
be the case).
Commercial supplicant is also available:
More information about the Freeradius-Users