Security

not sure how many people actually use EAP-MD5 but we do and it broke with the upgrade to version 6.5. apparently due to the encrypting of the password of the local user and admin database EAP-MD5 doesn't work anymore as it requires a plain text password for comparing. the alternative in 6.5 is to use the guest user repository or an external LDAP server.

for everyone that is using EAP-MD5 in which identity store do you put your username / password up to now?

I wanted to reply sooner but I've been OOO.

I've just had a LONG discussion with DEV about this issue. The short is that we will address this issue in an up-coming release, were actively reviewing solutions to decide what mix of function/feature/security will best work, deploying GUEST accounts is not the solution.

I will post back here when we close and I can share more details with you all.

thanks Danny, good to see this will be addressed.

Any update on this? Trying to get ShoreTel phones to auth via 802.1X with EAP-MD5 (auth type of ShoreTel) running 6.5.3.x.

Josh,

The issue we 'intoduced' on 6.5.0, was fixed in 6.5.1.... in the releae notes it refers to 'reversable password'...... this was the crux of this problem.

and i can confirm it worked fine for the customer where we had this issue.