I'm trying to get EAP/TLS working, and not having a lot of luck. Anyone have any pointers? Here's what I've got so far:
Installed freeradius-0.9.3.tar.gz Figured out how to get it to compile the EAP TLS libs Setup radius to work with my mysql server Setup cisco AP1200 (re-packaged 350 series) to do mac authentication via radius. This part all works fine, so I moved one to getting EAP working Created the appropriate certificates (using examples on http://www.impossiblereflex.com/8021x/eap-tls-HOWTO.htm) Edited my radiusd.conf and turned on EAP TLS, and pointed it at the certs. Loaded the certs on my laptop Set the AP to require EAP autentication and told it to use the radius server for it. Set my Auth-Type on the radius server from LOCAL to EAP (in sql table). Restarted Radius Radius starts ok, and the computer associates with the AP, then I get EAP retry limit reached for Station [MY-IP] MY-MAC-ADDRESS watching the radius logs scroll by, I don't really see any thing that looks like an eap request. Almost looks to me like the AP isn't asking the radius server about EAP authentication, or the radius server isn't listening. Anyone have any pointers? Thanks - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
