Setup: Switches supporting ports with
MAC-based authentication
802.1x (user+password) authentication
There is a separate RADIUS (eduroam) server that handles with 802.1x
user+password stuff so the PF servers just proxy the incoming 802.1x EAP
requests to the other RADIUS server, and if it grants access then PF assigns a
role to the port and things work fine.
I have this set up on PF v6 servers just fine, but I’m struggling getting the
802.1x part it to work on v10.2 for some reason.
I configured the DEFAULT realm to proxy requests to the RADIUS server, and it
seems to receive and return the requests. Debugging it is a bit difficult since
running “radius -X” that the documentation recommends doesn’t seem to work
(complains about needing to use threads for TLS to work)? Raddebug gives… a lot
of output though :)
Anyone has succeeded in getting this fairly simple (atleast I think so :-)
setup to work?
All the documentation pointers I located using Google just talk about really
old PF versions (which worked for my old servers), and the radius config in v10
is radically different…
- Peter
_______________________________________________
PacketFence-users mailing list
PacketFence-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/packetfence-users
