I succeeded in do to run a configuration only for EAP/TTLS with a LDAP backend.
I use freeradius-snapshot of 04/feb/2004 and TTLS client of Alfa & Arris (SecureW2) on WinXP.
See below 'users' file : # a0153 : Define the user for 802.1x Authentication #--------------------------------------------------------- a0153
# By default use Ldap for authentication #--------------------------------------------------------- DEFAULT Auth-Type := LDAP
See below 'radiusd.conf' file :
modules {
eap {
default_eap_type = tls
timer_expire = 60
ignore_unknown_eap_types = no
md5 {
}
leap {
}
tls {
private_key_password = <deleted>
private_key_file = /etc/1x/server.gicm.net.pem
certificate_file = /etc/1x/server.gicm.net.pem
CA_file = /etc/1x/root.pem
dh_file = /etc/1x/DH
random_file = /etc/1x/random
fragment_size = 1024
include_length = yes
}
ttls {
default_eap_type = md5
copy_request_to_tunnel = no
use_tunneled_reply = no
}
peap {
default_eap_type = mschapv2
}
mschapv2 {
}
}
ldap { server = <deleted> port = <deleted> basedn = "dc=platine,dc=org" filter = "(cn=%u)" start_tls = no #access_attr = "dialupAccess" ldap_connections_number = 5 timeout = 4 timelimit = 3 net_timeout = 1 } } authorize { eap ldap }
authenticate {
Auth-Type LDAP {
ldap
}
eap
}Regards,
Jean-Paul. -- -- Jean-Paul Chapalain - GICM - Resp. Reseaux et Infrastructure -- 32 rue Mirabeau - Le Relecq-Kerhuon - 29808 Brest Cedex 9, FRANCE -- Tel +33298002873 - Fax +33298284005 - [EMAIL PROTECTED] -- Key Fingerprint: 192C 1CFE F24A 050D F280 A086 AF15 8631 3ABB 4C7D
smime.p7s
Description: S/MIME Cryptographic Signature
