Community discussions

MikroTik App
  4. RouterOS
  5. General

EAP vs. PEAP - IAS RADIUS

Post Reply
 
netadmins
just joined
Topic Author
Posts: 1
Joined: Fri Apr 03, 2009 8:52 am

EAP vs. PEAP - IAS RADIUS

Fri Apr 03, 2009 11:22 am

Hello friends,
we have got this problem with our 411AH.
We need use PEAP authentication...

If we try connect to our radius server (IAS Radius server), we cannot connect and in system log is this message:

User domain_name\user.name was denied access.
Fully-Qualified-User-Name = domain/.../User Name
NAS-IP-Address = 192.168.40.150
NAS-Identifier = MikroTik Wifi I.
Called-Station-Identifier = MAC_ADDRESS_OF_MT:SSID
Calling-Station-Identifier = MAC_ADDRESS_OF_CLIENT
Client-Friendly-Name = MikroTik Wifi I.
Client-IP-Address = 192.168.40.150
NAS-Port-Type = <not present>
NAS-Port = <not present>
Proxy-Policy-Name = Use Windows authentication for all users
Authentication-Provider = Windows
Authentication-Server = <undetermined>
Policy-Name = MIKROTIK
Authentication-Type = EAP
EAP-Type = <undetermined>
Reason-Code = 66
Reason = The user attempted to use an authentication method that is not enabled on the matching remote access policy.


There is print of MT Radius settings:
Flags: X - disabled
# SERVICE CALLED-ID DOMAIN ADDRESS SECRET
0 ppp 192.168.x.x Secret
login
hotspot
wireless
dhcp

Print of interfaces:
Flags: X - disabled, R - running, D - dynamic, S - slave
# NAME TYPE MTU
0 MikroTik Wifi I. wlan 1500
1 R Local ether 1500

Print of wireless:
Flags: X - disabled, R - running
0 name="MikroTik Wifi I." mtu=1500 mac-address=xx:xx:xx:xx:xx:xx
arp=enabled interface-type=Atheros AR5413 mode=ap-bridge
ssid="SSID" frequency=2457 band=2.4ghz-b/g scan-list=default
antenna-mode=ant-a wds-mode=disabled wds-default-bridge=none
wds-ignore-ssid=no default-authentication=yes default-forwarding=no
default-ap-tx-limit=0 default-client-tx-limit=0 hide-ssid=no
security-profile=SecPro compression=no

Security profile:
name="XXX" mode=dynamic-keys authentication-types=wpa2-eap
unicast-ciphers=aes-ccm group-ciphers=aes-ccm
supplicant-identity="MikroTik Wifi I." eap-methods=passthrough
tls-mode=verify-certificate tls-certificate=none static-algo-0=none
static-key-0="" static-algo-1=none static-key-1="" static-algo-2=none
static-key-2="" static-algo-3=none static-key-3=""
static-transmit-key=key-0 static-sta-private-algo=none
static-sta-private-key="" radius-mac-authentication=no
radius-mac-accounting=no radius-eap-accounting=yes interim-update=0s
radius-mac-format=XX:XX:XX:XX:XX:XX


Have you got any idea? Thanks for help...
Top
 
barundell
just joined
Posts: 2
Joined: Tue Feb 14, 2012 7:13 am

Re: EAP vs. PEAP - IAS RADIUS

Tue Feb 28, 2012 1:02 am

Hijack with exactly the same issue,

did you find the solution?
Top
Post Reply

Who is online

Users browsing this forum: d513, GoogleOther [Bot], jmrp87, Ullinator, vingjfg and 123 guests
  4. RouterOS
  5. General