Hi José,

José Luis Solano wrote:
Hi Jean-Paul,

As you know, I'm fighting with my freeradius to run EAP/TTLS.

I use Secure W2 client and LDAP, so could you (Jean-Paul) send me your
configuration, please?

I would need:
-do I need to change anything when I install freeradius?
I'm using Freeradius-snapshot20040203 without any change.

-Modules eap, authorize, authenticate and ldap in radiusd.conf
# Module instances from radiusd.conf as posted to the list. Values shown as
# <deleted> were redacted by the author before posting.
modules {
        pap {
                # Stored passwords are compared as crypt(3) hashes.
                encryption_scheme = crypt
        }
        chap {
                authtype = CHAP
        }
        pam {
                pam_auth = radiusd
        }
        unix {
                cache = no
                cache_reload = 600
                radwtmp = ${logdir}/radwtmp
        }
        eap {
                # EAP type the server offers when the request does not select one.
                default_eap_type = tls
                # Seconds an unfinished EAP conversation is kept before being dropped.
                timer_expire     = 60
                ignore_unknown_eap_types = no

                # NOTE(review): EAP-MD5 and LEAP are enabled here with empty
                # sections. Outside a TLS tunnel both expose the exchange to
                # offline password guessing and EAP-MD5 gives no server
                # authentication; drop the sections if no client needs them.
                md5 {
                }

                leap {
                }

# Server-side TLS material used by EAP-TLS and by the TTLS/PEAP tunnels.
tls {
# The key passphrase sits in clear text in radiusd.conf, and the private key
# shares a PEM file with the certificate: both files should be readable only
# by the account radiusd runs as.
private_key_password = <deleted>
private_key_file = /etc/1x/certs/custren.gicm.net.pem
certificate_file = /etc/1x/certs/custren.gicm.net.pem
CA_file = /etc/1x/certs/root.pem
dh_file = /etc/1x/DH
random_file = /etc/1x/random
fragment_size = 1024
include_length = yes
}

                ttls {
                        # EAP type offered inside the tunnel when the inner
                        # request is itself EAP.
                        default_eap_type = md5
                        # Outer-request attributes are not copied into the
                        # tunneled request, and the inner reply is not copied
                        # into the outer reply.
                        copy_request_to_tunnel = no
                        use_tunneled_reply = no
                }

                 peap {
                        default_eap_type = mschapv2
                }

                mschapv2 {
                }
        }

        mschap {
                authtype = MS-CHAP
        }
        ldap {
                server = <deleted>
                # NOTE(review): 3268 is presumably an Active Directory Global
                # Catalog listener (plain LDAP) - confirm against the server.
                port = 3268
                basedn = "dc=platine,dc=org"
                # %u expands to the User-Name of the request.
                filter = "(cn=%u)"
                # NOTE(review): with start_tls = no the module does not encrypt
                # the directory connection. The users file forces
                # Auth-Type LDAP, which authenticates by binding with the
                # user's password, so that password would cross the network
                # between radiusd and the directory unprotected unless the
                # link is secured some other way - confirm.
                start_tls = no
                dictionary_mapping = ${raddbdir}/ldap.attrmap
                ldap_connections_number = 5
                # No identity/password is shown for the search bind; either
                # the search is anonymous or the lines were left out of the
                # post - cannot tell from here.
                timeout = 4
                timelimit = 3
                net_timeout = 1
        }
}

# Authorization phase: the listed modules run in the order written.
# eap is listed before files and ldap, so the users file entries and the LDAP
# lookup are evaluated after the eap module has seen the request.
authorize {
        preprocess
        chap
        mschap
        suffix
        eap
        files
        ldap
}

# Authentication phase: the module run is selected by the Auth-Type that the
# authorize phase left on the request.
authenticate {
        Auth-Type PAP {
                pap
        }
        Auth-Type CHAP {
                chap
        }
        Auth-Type MS-CHAP {
                mschap
        }
        unix
        # Selected by the "DEFAULT Auth-Type := LDAP" entry in the users file;
        # the ldap module then checks the password by binding to the directory
        # (unencrypted here, since the ldap module has start_tls = no).
        Auth-Type LDAP {
                ldap
        }
        eap
}

-users file configuration
# a0153 :  Define the user for 802.1x Authentication
# (the entry as posted carries no check or reply items)
#---------------------------------------------------------
a0153

# By default use Ldap for authentication
# ":=" sets Auth-Type unconditionally for every request that reaches this
# entry, replacing any value an earlier module set.
# NOTE(review): confirm this does not override the Auth-Type chosen by the eap
# module for the outer EAP conversation; forcing Auth-Type is discouraged in
# later FreeRADIUS documentation.
#---------------------------------------------------------
DEFAULT Auth-Type := LDAP

-have you changed anything in dictionary file?
No change in dictionary file.



Thanks in advance



Jean-Paul.
--
--  Jean-Paul Chapalain - GICM -  Resp. Reseaux et Infrastructure
--  32 rue Mirabeau - Le Relecq-Kerhuon - 29808 Brest Cedex 9, FRANCE
--  Tel +33298002873 - Fax +33298284005 - [EMAIL PROTECTED]
--  Key Fingerprint: 192C 1CFE F24A 050D F280 A086 AF15 8631 3ABB 4C7D

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


