David Akhtar wrote:
>
> Hello people ..
>
> I have set up EAP/TLS authentication between Win-XP and Freeradius
> (recentish CVS archive). I have a setup similar to that described at
> http://www.missl.cs.umd.edu/~adam/802 .. but using XP as the supplicant.
>
> All works fine
Good News.
> and dandy until I try and get my setup to dynamicaly generate
> wep keys ..
>
> This seems to work on my microsoft/cisco setup(with MS windows 2000 radius
> server/XP supplicant / cisco 350 AP)... Having logged the wired side of this
> I've noticed that the Win2k server appends some vendor specific stuff to the
> end of the EAP-Success packet (it appends an MS-MPPE-Send-Key and a
> MS-MPPE-Recv-Key) which I assume is used by the AP (or the supplicant ?) to
> generate (or as ?) the WEP key ?
Currently EAP module doesnot send any VSAs with the Access-Accept
packet.
I think this can be achieved by calling multiple modules in
authenticate{},
just similar to authorize{}, in radiusd.conf.
For now, this feature is not supported.
> does anyone know anything about this ? .. has anyone got 'dynamic
> generation' of WEP keys working with freeradius ? ... Any pointers/help
> would be greatly appreciated !
>
Dynamic generation of WEP keys is not supported in FR.
Patches are welcome. I guess that will in a different module.
-Raghu
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
