Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
910
Views
0
Helpful
1
Replies

EAP-PEAP authentication

romain.goldswain
Level 1
Level 1

ā€Ž08-31-2016 11:31 PM - edited ā€Ž07-05-2021 05:45 AM

Hi 

I am trying to connect to a cisco network that authenticates users by eap-peap. I am using linux Ubuntu and have manually entered the settings that I could find on the internet.

network={
        ssid="Imperial-WPA"
        priority=1
        proto=RSN
        key_mgmt=WPA-EAP
        pairwise=CCMP
        auth_alg=OPEN
        eap=PEAP
        identity="my username "
        password="my password normally and in hex keys "
        phase1="peaplabel=0"
        phase2="auth=MSCHAPV2"

But it still doesnt allow me to connect. I believe the user certificate is missing does anyone have any idea how I can get it to connect
Labels:
0 Helpful
1 Reply 1

Freerk Terpstra
Level 7
Level 7

ā€Ž09-05-2016 08:39 AM

Because you use MSCHAPv2 for phase2, no client certificate is involved within the authentication. However, there is a server certificate involved on the RADIUS server side for setting up phase 1. It depends on the settings and the supplicant but it might be required to define the public cert of the RADIUS server so it can be validated by the client.

Before making any changes on the client side I would start troubleshooting on the RADIUS server. There should be some log(file) with more information regarding your session and what the end-result is. A decent RADIUS server (like Cisco ISE) will even tell you what might be going wrong (client refusing the server certificate for example). If you don't see any incoming session I would look for a log(file) on the client itself. Good luck!

Please rate useful posts... :-)

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card