Hi Stewart,
> If I run radtest (both locally on the server and from another IP which
> is included in clients.conf) I now get a successful acknowledgement:
>
> rad_recv: Access-Accept packet from host 192.168.0.51 port 1812,
> id=98, length=20
>
> The challenge is that the username and password included in the
> connection string don't seem to have any impact at all:
>
> radtest demouser wrongpassword 192.168.0.51 10 testing123 {works}
> radtest demouser correctpassword 192.168.0.51 10 testing123 {works}
This is because you are sending PAP authentication to RADIUS. By
default, everything that is not EAP will be allowed (have a look in the
first line of the /etc/raddb/users) regardless of what you are sending.
Now I don't know what you are trying to achieve, maybe you can add more
details. Are you trying to do WPA2-Enterprise authentication? If it's
the case, keep in mind that radtest is only able to do EAP-MD5, not
PEAP. That will fail if you are trying to test with radtest, RADIUS is
configured to do PEAP using our configuration package.
>
> I'm using the default Zen registration user and can successfully
> register clients connected to the LAN via the inline interface (we're
> testing in inline mode currently, no vlan enforcement).
>
> At the end of the day I'm attempting to register a wireless client via
> a new WAP and although I get prompted for network credentials nothing
> else happens.
If you are using inline, you don't need to have security on the wireless
side, you put the SSID straight into the inline VLAN, that's it. If you
want encryption, use WPA/WPA2-PSK instead, it's much more easier to make
it work than WPA2-Enterprise.
Hope it helps.
--
Francois Gaudreault, ing. jr
[email protected] :: +1.514.447.4918 (x130) :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
------------------------------------------------------------------------------
Cloud Services Checklist: Pricing and Packaging Optimization
This white paper is intended to serve as a reference, checklist and point of
discussion for anyone considering optimizing the pricing and packaging model
of a cloud services business. Read Now!
http://www.accelacomm.com/jaw/sfnl/114/51491232/
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
