Yes, Alan, we already now that thedefault config do works! my mind: freeradius
(in our case, sergio and me) is correctly configured. But, we encounterd a
problem showing no error message. so to make the log slimmer, why not
deactivate some non mandatory module in our scenario?? so the output will show
the strict necessary information...
eg: PAPi don't need PAP module at all to figure out the problem of
PEAP/mschapv2 and Active Directory.
and Another question Alan: did you test the bootstrap scrip in windows and can
you tell us how it works at your side please? how do you find the
certificatuion chain!!!
thanx a lot
----- Message d'origine ----
De : Alan DeKok <[EMAIL PROTECTED]>
À : FreeRadius users mailing list <freeradius-users@lists.freeradius.org>
Envoyé le : Dimanche, 27 Juillet 2008, 8h51mn 35s
Objet : Re: Re : cert bootstrap bug? (was Re: definitively, I have a problem
with eap-tls)
Sergio wrote:
> I'm agree, a good begining would be comment out all modules you're not
> using. The instances of the modules are in sites-enabled/default and
> sites-enabled/inner-tunnel (for peap and ttls).
For debugging... no. The default configuration file WORKS in the
widest possible set of circumstances. If it isn't working, it's usually:
a) the client (e.g. Windows)
b) the NAS (e.g. recent comments about 3com)
You should edit the default configuration ONLY for production
environments, and ONLY after the debug setup is working to your
satisfaction.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
_____________________________________________________________________________
Envoyez avec Yahoo! Mail. Une boite mail plus intelligente http://mail.yahoo.fr-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
