multiotp
Bug : Authorization using EAP challenge does not work
I use pfSense with VPN through OpenVPN and IPsec. Authorization is via multiotp as RADIUS, using the multiotp virtual disk multiotp-open-source-vm-011-5.9.0.1.ova as a VM. Authorization for OpenVPN clients works well; we use a combination of username and 6-digit token as the password. In the RADIUS log:
Sat Sep 17 12:09:23 2022
Packet-Type = Access-Request
Service-Type = Login-User
User-Name = "********"
MS-CHAP2-Response = 0x010193c0deb82be98********
MS-CHAP-Challenge = 0xd3e12fdea3cd11fb29********
NAS-IP-Address = 192.168.********
NAS-Identifier = "openVPN"
Calling-Station-Id = "85.********:1194"
Called-Station-Id = "68:05:ca:e5:a2:64:fw.********"
NAS-Port-Type = Virtual
NAS-Port = 1194
Event-Timestamp = "Sep 17 2022 12:09:23 +07"
Timestamp = 1663391363
But authorization for Windows IPsec clients is not working, with the error:
*(authentication typed by the user is 13 chars long instead of 6 chars)
Debug: *98 ERROR: Authentication failed (wrong token length)
In the RADIUS log for the same error:
Sat Sep 17 11:42:10 2022
Packet-Type = Access-Request
User-Name = "********"
NAS-Port-Type = Virtual
Service-Type = Framed-User
NAS-Port = 11
NAS-Port-Id = "con-mobile"
NAS-IP-Address = 195.********
Called-Station-Id = "195.********[4500]"
Calling-Station-Id = "94.********[20499]"
EAP-Message = 0x020100080319151a
NAS-Identifier = "strongSwan"
State = 0xc90cea89c90deef917a468da324ad24c
Message-Authenticator = 0x8f33f3d6177ffa786cf8ea1c71128bab
Event-Timestamp = "Sep 17 2022 11:42:10 +07"
Timestamp = 1663389730
Hello RUnnerTomsk, we will check this issue related to IKEv2 handling by pfSense. We will make an internal lab on 4 October. Regards,