I don't where is your problem, but i've the same config that's works.
> rlm_eap_md5: No password configured for this user Check your users file if there a line like this : (don't use Auth-Type) veraldi User-Password == "xxxx"
See below some informations on my conf : ======================================== FreeRadius-snapshot-20040203 Openssl-0.9.7c
WinXP SP1 supplicant for PEAP, EAP/TLS Alfa-Ariss Supplicant for EAP/TTLS
catalyst 2950 (IOS Version 12.1(19)EA1a) ---------------------------------------- ! config aaa new-model ! ... aaa authentication dot1x default group radius ! ... aaa authorization network default group radius ! ... dot1x system-auth-control ! ... interface FastEthernet0/19 description --- 802.1x Test --- switchport mode access no ip address duplex full speed 100 dot1x port-control auto spanning-tree portfast ! ... radius-server host <deleted> auth-port 1812 acct-port 1813 timeout 3 radius-server retransmit 3 radius-server key <deleted> !... end
Radiusd config : ---------------- Users file ---------- #========================================================= # Test's User for 802.1x EAP/MD5, EAP/PEAP or EAP/TTLS #========================================================= jpc User-Password == "whatever"
#========================================================= # Test's User for 802.1x EAP/TLS #========================================================= chapalain Service-Type = Framed-User
# Reject all #--------------------------------------------------------- DEFAULT Auth-Type := Reject
radiusd.conf ------------
# ... # usercollide: Turn "username collision" code on and off. See the # "doc/duplicate-users" file # # WARNING : verify the value of this parameter, i've a problem with it usercollide = no # ... modules { # ... eap {
default_eap_type = tls timer_expire = 60 ignore_unknown_eap_types = no
md5 { }
leap { }
tls {
private_key_password = <deleted>
private_key_file = /etc/1x/certs/custren.gicm.net.pem
certificate_file = /etc/1x/certs/custren.gicm.net.pem
CA_file = /etc/1x/certs/root.pem
dh_file = /etc/1x/DH random_file = /etc/1x/random
fragment_size = 1024
include_length = yes
}
ttls {
default_eap_type = md5
copy_request_to_tunnel = no
use_tunneled_reply = no
} peap { default_eap_type = mschapv2 } mschapv2 { } } # ... } # ... authorize { preprocess chap mschap suffix ldap eap files } authenticate { Auth-Type PAP { pap } Auth-Type CHAP { chap } Auth-Type MS-CHAP { mschap } Auth-Type LDAP { ldap } eap } # ...
Regards, Jean-Paul. -- -- Jean-Paul Chapalain - GICM - Resp. Reseaux et Infrastructure -- 32 rue Mirabeau - Le Relecq-Kerhuon - 29808 Brest Cedex 9, FRANCE -- Tel +33298002873 - Fax +33298284005 - [EMAIL PROTECTED] -- Key Fingerprint: 192C 1CFE F24A 050D F280 A086 AF15 8631 3ABB 4C7D
smime.p7s
Description: S/MIME Cryptographic Signature