Huckle Berry wrote: > First off, forgive me if this has been asked before on this list (I did > do a search first, yet no results proved useful). > > I am on a fact finding mission to see whether freeradius is going to be > feasible to deploy in my environment (~50 users over ~40 windows and > linux desktops). On a test network I have configured an Ubuntu 9.10 > Server with a patched freeradius that has openssl (oh what fun that was > to build).
? Building 2.1.7 with OpenSSL should be little more than editing a debian config file. 2.1.8 should be available in the Debian / Ubuntu repositories *with* OpenSSL support. > I have so far altered the original configuration by only a few lines, as > everywhere I go I see Alan screaming "Don't change the config!". Because people keep changing massive amounts of things they don't understand, and asking "why is it broken?" > I > changed eap.conf by the following > > default_eap_type = tls > ... > fragment_size = 1024 > include_length = yes Why? > [eap] Identity does not match User-Name, setting from EAP Identity. > [eap] Failed in handler Hmm... it *should* print out reasons why it failed. There must be a code path (i.e. one that happens rarely) where this doesn't happen. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html