Hello Wilfried,

You wrote:

WQ> I'm trying to start freeradius with a peap client but it doesn't work.
WQ> What can I do?

I worked on this about one month ago, so I'll try to help a little...

First the question: What client do you use?
I've run PEAP successfully with the Windows 2000 built-in 802.1X client,
but I have problems with the Funk Odyssey Client (FreeRADIUS accepts, the AP
too, but the Client says "authentication rejected by server"). OK,
let's look at your configuration...

WQ> In users file :
WQ> toto        Auth-Type := EAP, User-Password == "0x7666F0D93535E6C2F6A3DDAD29A7EF55"

I just have something like this:
toto        User-Password == "whatever"

WQ> With only TLS, I have no problem with my own certificates.

I don't know what to say; it works for me, after reading some howtos (you
can find links on the FreeRADIUS site).

WQ> Thank you very much (I'm desperate).

:)
I hope somebody will answer too, because I still don't know enough :(

I made only a few changes to the original radiusd.conf, so I can't say much
about your configuration...

TLS:

WQ>   tls: rsa_key_exchange = no
WQ>   tls: dh_key_exchange = yes
WQ>   tls: rsa_key_length = 512
WQ>   tls: dh_key_length = 512
WQ>   tls: verify_depth = 0
WQ>   tls: CA_path = "(null)"
WQ>   tls: pem_file_type = yes
WQ>   tls: private_key_file = "/usr/local/radius093/etc/raddb/cert-srv6.pem"
WQ>   tls: certificate_file = "/usr/local/radius093/etc/raddb/cert-srv6.pem"
WQ>   tls: CA_file = "/usr/local/radius093/etc/raddb/root6.pem"
WQ>   tls: private_key_password = "xxxxx"
WQ>   tls: dh_file = "/usr/local/radius093/etc/raddb/DH"
WQ>   tls: random_file = "/usr/local/radius093/etc/raddb/random"
WQ>   tls: fragment_size = 1024
WQ>   tls: include_length = yes
WQ>   tls: check_crl = no
WQ> rlm_eap: Loaded and initialized type tls

I need it only for tests, so I used the certificates which I found in the
raddb directory after install. I imported them into the Windows root
certificate database. (I used the CVS version from mid-February.)

PEAP:

WQ>   peap: default_eap_type = "mschapv2"
WQ>   peap: copy_request_to_tunnel = yes
WQ>   peap: use_tunneled_reply = yes
WQ> rlm_eap: Loaded and initialized type peap

I had both: copy_request_to_tunnel and use_tunneled_reply set to no.

log:

WQ> Login incorrect: [toto/<no User-Password attribute>] (from client
WQ> borne-aironet port 274 cli 0004.2372.d636)

Problem with the password?

-- 
Regards and good luck,
 Marcin K.                      mailto:[EMAIL PROTECTED]


