José Luis Solano wrote:
Hi Jean-Paul,I 'm using Freeradius-snapshot20040203 without any change.
As you know, I'm fightting with my freeradius to run EAP/TTLS.
I use Secure W2 client and LDAP, so could you (Jean-Paul) send me your configuration, please?
I would need: -do I need to change anything when I install freeradius?
-Modules eap, authorize, authenticate and ldap in radiusd.conf
modules { pap { encryption_scheme = crypt } chap { authtype = CHAP } pam { pam_auth = radiusd } unix { cache = no cache_reload = 600 radwtmp = ${logdir}/radwtmp } eap { default_eap_type = tls timer_expire = 60 ignore_unknown_eap_types = no
md5 { }
leap { }
tls {
private_key_password = <deleted>
private_key_file = /etc/1x/certs/custren.gicm.net.pem
certificate_file = /etc/1x/certs/custren.gicm.net.pem
CA_file = /etc/1x/certs/root.pem
dh_file = /etc/1x/DH
random_file = /etc/1x/random
fragment_size = 1024
include_length = yes
}
ttls { default_eap_type = md5 copy_request_to_tunnel = no use_tunneled_reply = no }
peap { default_eap_type = mschapv2 }
mschapv2 { } }
mschap { authtype = MS-CHAP } ldap { server = <deleted> port = 3268 basedn = "dc=platine,dc=org" filter = "(cn=%u)" start_tls = no dictionary_mapping = ${raddbdir}/ldap.attrmap ldap_connections_number = 5 timeout = 4 timelimit = 3 net_timeout = 1 } }
authorize { preprocess chap mschap suffix eap files ldap }
authenticate { Auth-Type PAP { pap } Auth-Type CHAP { chap } Auth-Type MS-CHAP { mschap } unix Auth-Type LDAP { ldap } eap }
-users file configuration
# a0153 : Define the user for 802.1x Authentication #--------------------------------------------------------- a0153
# By default use Ldap for authentication #--------------------------------------------------------- DEFAULT Auth-Type := LDAP
-have you changed anything in dictionary file?No change in dictionary file.
Thanks in advance
Jean-Paul. -- -- Jean-Paul Chapalain - GICM - Resp. Reseaux et Infrastructure -- 32 rue Mirabeau - Le Relecq-Kerhuon - 29808 Brest Cedex 9, FRANCE -- Tel +33298002873 - Fax +33298284005 - [EMAIL PROTECTED] -- Key Fingerprint: 192C 1CFE F24A 050D F280 A086 AF15 8631 3ABB 4C7D
smime.p7s
Description: S/MIME Cryptographic Signature