If you are still failing, I would suggest you send the list a copy of your
radiusd.conf file and the output of radiusd -X when it fails. The debug
messages when it does fail, should be able to tell you why it is failing.
Without the debug info, we can only guess.
-Dusty Doris
On Thu, 16 Dec 2004, Joe Raviele wrote:
> EAP is in both the authenticate and authorize sections. I still have
> not gotten it to work, today I am trying several different
> permutations of the users file.
>
> - Joe
>
>
> On Thu, 16 Dec 2004 08:44:20 -0500 (EST), Dustin Doris
> <[EMAIL PROTECTED]> wrote:
> >
> > > I have a radius box set up using 1.0.1. Currently it is doing
> > > authentication and working fine. I am trying to integrate in 802.1x
> > > auth. I have the EAP-TTLS w/ PAP working fine with a users entry of
> > > "username" User-Password == "test", but I am confused how the users
> > > and authorize and authenticate sections of the radiusd file should be
> > > set to have EAP look at an LDAP entry. I know I have to set the pap
> > > module to md5 to work with the LDAP and that I will have a new
> > > huntgroup just for the .1x authentication, but I am stumped from
> > > there. Below is how my users file and radiusd look now, my question is
> > > really how should they look when I intergrate in the .1x
> > >
> > > Thanks in advance guys, you have helped me out in the past and I would
> > > appreciate anything else you could do for me now.
> > >
> > > - Joe
> > >
> > >
> > > ***radiusd.conf
> > > ...
> > > authorize {
> > > autztype VPN_LDAP {
> > > redundant {
> > > VPN_LDAP1
> > > VPN_LDAP2
> > > }
> > > }
> > >
> > > autztype Dial_LDAP {
> > > redundant {
> > > Dial_LDAP1
> > > Dial_LDAP2
> > > }
> > > }
> > > ...
> > > authenticate {
> > > authtype VPN_LDAP {
> > > redundant {
> > > VPN_LDAP1
> > > VPN_LDAP2
> > > }
> > > }
> > >
> > > authtype Dial_LDAP {
> > > redundant {
> > > Dial_LDAP1
> > > Dial_LDAP2
> > > }
> > > }
> > >
> > > ***users
> > >
> > > DEFAULT Autz-Type := VPN_LDAP, Auth-Type := VPN_LDAP, Huntgroup-Name ==
> > > VPN
> > >
> > >
> > > DEFAULT Autz-Type := Dial_LDAP, Auth-Type := Dial_LDAP, Huntgroup-Name ==
> > > DIAL
> > > Service-Type == Framed-User,
> > > Ascend-Assign-IP-Pool = 1,
> > > Framed-IP-Address = 255.255.255.254,
> > > Framed-MTU = 1524,
> > > Service-Type = Framed-User,
> > > Fall-Through = No
> > >
> > > -
> >
> > Do you have eap in your authorize and authenticate sections?
> >
> >
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> >
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
