I succeeded in do to run a configuration only for EAP/TTLS with a LDAP backend.
I use freeradius-snapshot of 04/feb/2004 and TTLS client of Alfa & Arris (SecureW2) on WinXP.
See below 'users' file : # a0153 : Define the user for 802.1x Authentication #--------------------------------------------------------- a0153
# By default use Ldap for authentication #--------------------------------------------------------- DEFAULT Auth-Type := LDAP
See below 'radiusd.conf' file : modules { eap { default_eap_type = tls timer_expire = 60 ignore_unknown_eap_types = no md5 { } leap { } tls { private_key_password = <deleted> private_key_file = /etc/1x/server.gicm.net.pem certificate_file = /etc/1x/server.gicm.net.pem CA_file = /etc/1x/root.pem dh_file = /etc/1x/DH random_file = /etc/1x/random fragment_size = 1024 include_length = yes } ttls { default_eap_type = md5 copy_request_to_tunnel = no use_tunneled_reply = no } peap { default_eap_type = mschapv2 } mschapv2 { } }
ldap { server = <deleted> port = <deleted> basedn = "dc=platine,dc=org" filter = "(cn=%u)" start_tls = no #access_attr = "dialupAccess" ldap_connections_number = 5 timeout = 4 timelimit = 3 net_timeout = 1 } } authorize { eap ldap }
authenticate { Auth-Type LDAP { ldap } eap }
Regards,
Jean-Paul. -- -- Jean-Paul Chapalain - GICM - Resp. Reseaux et Infrastructure -- 32 rue Mirabeau - Le Relecq-Kerhuon - 29808 Brest Cedex 9, FRANCE -- Tel +33298002873 - Fax +33298284005 - [EMAIL PROTECTED] -- Key Fingerprint: 192C 1CFE F24A 050D F280 A086 AF15 8631 3ABB 4C7D
smime.p7s
Description: S/MIME Cryptographic Signature