Alan, At your request, I'll try to reformat this so that it is presented as a problem/challenge rather than a "why doesn't my solution work" post:
Problem: My AP is a 3com 7250. It requires that you enable 802.1x on itself, the client, and the radius server if you want to use the radius server as the "authentication" server. My understanding is that 802.1x requires EAP-something. I chose EAP-TLS because my client is stock XP and my understanding is that EAP-TLS is my only option with that client. My boss asked me if it was possible to authenticate our wireless users against Novell's eDirectory (LDAP). He did not specifically require 802.1x/EAP-anything. The only reason I'm using 802.1x/EAP is because the AP requires it. I have successfully implemented EAP-TLS authentication between the client, AP, and freeradius. Now I am attempting to "add" LDAP authentication, but have not been successful. I can provide any configs/logs if needed. Solution: None so far. Anyone have any suggestions/comments? What would ya'll do in my position? thanks, mack On 21 Jun 2004 at 23:52, Alan DeKok wrote: > "Mack" <[EMAIL PROTECTED]> wrote: > > My AP requires that I enable 802.1x in order to use RADIUS > > authentication. So, I figured I'd use EAP-TLS. > > Are you picking it at random, or are youi looking at the features it > offers, and using your requirements to decide on a solution? > > > I'm just testing now...using an XP client, so I chose to use > > EAP-TLS. I want to use LDAP because that's where our userbase is > > stored (Novell eDirectory). The idea is to authenticate users via > > LDAP. > > I thought I had been pretty clear in my response: EAP-TLS and LDAP > are mutually incompatible. Stop trying to get them to work togerther. > > > I'm only using EAP-TLS because the AP won't let me use RADIUS > > otherwise. Of course, I'm such a newbie that I'm probably getting > > it all wrong. That's where I was hoping the list would help. > > You should ask about how to solve a problem, rather than asking why > the solution you chose didn't work. > > > If you were given my task, how would you go about implementing this? > > I told you. Go back and read my message. > > If you could describe a problem, I might be able to come up with an > alternate solution. > > Alan DeKok. > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html > > -- > This message has been scanned for viruses and > dangerous content by the CSU Email Gateway, and is > believed to be clean. > -- This message has been scanned for viruses and dangerous content by the CSU Email Gateway, and is believed to be clean. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
