On Tue, Nov 02, 2010 at 07:30:23AM +1300, Peter Lambrechtsen wrote: > It's probably since you didn't compile OpenLDAP and FreeRadius with OpenSSL > support. > > So you will need to recompile OpenLDAP, Cyrus SASL, OpenLDAP and FreeRadius.
No, no, no, and no. <sigh> If you want to read random debug messages, don't pick just any. Yes, he doesn't have SSL support, but the log also says pretty clearly: > > Mon Nov 1 15:06:10 2010 : Debug: rlm_eap: No EAP-Message, not doing EAP When the client does not use EAP, it's completely irrelevant that the server doesn't have support for SSL-using EAP methods. And there's clearly no reason to recompile even FR, let alone three other different pieces of software. (For the former, just use lenny-backports.) The final error state is: > > Mon Nov 1 15:06:10 2010 : Auth: Login incorrect: > > [eduardo/1\320\026\305\020B)\323I\211????\001\nx\204] (from client > > BrasilTelecom port 1812) > > Mon Nov 1 15:06:10 2010 : Debug: WARNING: Unprintable characters in the > > password. Double-check the shared secret on the server and the NAS! So, have you double-checked the shared secret? -- 2. That which causes joy or happiness. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html