Actually, I only have the ldap -to- radius authentication when doing a radtest. There's no eap involved at that point. I think my issue of adding the EAP/802.1x stuff is where I'm hitting the snag.
Matt Ashfield Network Analyst Integrated Technology Services University of New Brunswick (506) 447-3033 [EMAIL PROTECTED] -----Original Message----- From: Zoltan Ori [mailto:[EMAIL PROTECTED] Sent: July 11, 2006 12:33 PM To: [EMAIL PROTECTED]; 'FreeRadius users mailing list' Subject: Re: an infamous LDAP-FreeRadius question On Tuesday 11 July 2006 10:10, Matt Ashfield wrote: > When I try to connect via 802.1x from a wireless client my Radius server > debgging looks like below. Obviously the TLS session is not being setup > correctly. I'm wondering about the private_key_password attribute. I just > set it to "whatever" but that needs to correspond to a user on the LDAP > server doesn't it? I'm not sure that's been set up. You might try not using an ldaps connection if your LDAP server allows it. Comment out all the TLS in the ldap section. This TLS/SSL connection to your LDAP server is a separate issue from 802.1x. That's just between the RADIUS server and LDAP. Once you've got everything else going, go back and work with the ldaps. The main thing is to change only one thing at a time. Then you'll know exactly what broke it and what didn't. I believe you had LDAP working before, didn't you? Zoltan Ori - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html