I don't where is your problem, but i've the same config that's works.
> rlm_eap_md5: No password configured for this user Check your users file if there a line like this : (don't use Auth-Type) veraldi User-Password == "xxxx"
See below some informations on my conf : ======================================== FreeRadius-snapshot-20040203 Openssl-0.9.7c
WinXP SP1 supplicant for PEAP, EAP/TLS Alfa-Ariss Supplicant for EAP/TTLS
catalyst 2950 (IOS Version 12.1(19)EA1a) ---------------------------------------- ! config aaa new-model ! ... aaa authentication dot1x default group radius ! ... aaa authorization network default group radius ! ... dot1x system-auth-control ! ... interface FastEthernet0/19 description --- 802.1x Test --- switchport mode access no ip address duplex full speed 100 dot1x port-control auto spanning-tree portfast ! ... radius-server host <deleted> auth-port 1812 acct-port 1813 timeout 3 radius-server retransmit 3 radius-server key <deleted> !... end
Radiusd config : ---------------- Users file ---------- #========================================================= # Test's User for 802.1x EAP/MD5, EAP/PEAP or EAP/TTLS #========================================================= jpc User-Password == "whatever"
#=========================================================
# Test's User for 802.1x EAP/TLS
#=========================================================
chapalain
Service-Type = Framed-User# Reject all #--------------------------------------------------------- DEFAULT Auth-Type := Reject
radiusd.conf ------------
# ...
# usercollide: Turn "username collision" code on and off. See the
# "doc/duplicate-users" file
#
# WARNING : verify the value of this parameter, i've a problem with it
usercollide = no
# ...
modules {
# ...
eap { default_eap_type = tls
timer_expire = 60
ignore_unknown_eap_types = no md5 {
} leap {
}tls {
private_key_password = <deleted>
private_key_file = /etc/1x/certs/custren.gicm.net.pem
certificate_file = /etc/1x/certs/custren.gicm.net.pem
CA_file = /etc/1x/certs/root.pem
dh_file = /etc/1x/DH
random_file = /etc/1x/randomfragment_size = 1024
include_length = yes
}
ttls {
default_eap_type = md5
copy_request_to_tunnel = no
use_tunneled_reply = no
}
peap {
default_eap_type = mschapv2
}
mschapv2 {
}
}
# ...
}
# ...
authorize {
preprocess
chap
mschap
suffix
ldap
eap
files
}
authenticate {
Auth-Type PAP {
pap
}
Auth-Type CHAP {
chap
}
Auth-Type MS-CHAP {
mschap
}
Auth-Type LDAP {
ldap
}
eap
}
# ...Regards, Jean-Paul. -- -- Jean-Paul Chapalain - GICM - Resp. Reseaux et Infrastructure -- 32 rue Mirabeau - Le Relecq-Kerhuon - 29808 Brest Cedex 9, FRANCE -- Tel +33298002873 - Fax +33298284005 - [EMAIL PROTECTED] -- Key Fingerprint: 192C 1CFE F24A 050D F280 A086 AF15 8631 3ABB 4C7D
smime.p7s
Description: S/MIME Cryptographic Signature
