TTLS/PEAP seg faults
can I do something about this? I'm using ldap in authorize{}(just uncommented it and not using in it in authenticate{}(I don't need it for EAP-TTLS right?) Do I need to add the auth-type ldap in users? I'm around this for a week now :( rad_recv: Access-Request packet from host 192.168.5.1:2048, id=0, length=247 User-Name = "forevertheuni" NAS-IP-Address = 192.168.5.1 Called-Station-Id = "000ea65b5239" Calling-Station-Id = "0011f547e038" NAS-Identifier = "000ea65b5239" NAS-Port = 31 Framed-MTU = 1400 State = 0x729d931bc6bfa59612707c69d4ac0269 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0201006c15001603010061015d0301444ac484048c1ded0c6a1a0ff213c2e6a1632cd26d6c89501a7f6d10461f81533600390038003500160013000a00330032002f0007006600050004006300620061001500120009006500640060001400110008000600030100 Message-Authenticator = 0xbaf1f6903393341b2e2cddff9dc928d4 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 4 modcall[authorize]: module "preprocess" returns ok for request 4 modcall[authorize]: module "chap" returns noop for request 4 modcall[authorize]: module "mschap" returns noop for request 4 rlm_realm: No '@' in User-Name = "forevertheuni", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 4 rlm_eap: EAP packet type response id 1 length 108 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 4 modcall[authorize]: module "files" returns notfound for request 4 rlm_ldap: - authorize rlm_ldap: performing user authorization for forevertheuni radius_xlat: '(uid=forevertheuni)' radius_xlat: 'ou=Users,dc=cartoons,dc=buh' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: performing search in ou=Users,dc=cartoons,dc=buh, with filter (uid=forevertheuni) rlm_ldap: checking if remote access for forevertheuni is allowed by uid rlm_ldap: looking for check items in directory... rlm_ldap: looking for reply items in directory... rlm_ldap: user forevertheuni authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module "ldap" returns ok for request 4 modcall: leaving group authorize (returns updated) for request 4 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 4 rlm_eap: Request found, released from the list rlm_eap: EAP/ttls rlm_eap: processing type ttls rlm_eap_ttls: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake (other): before/accept initialization TLS_accept: before/accept initialization Segmentation fault: 11 (core dumped) [EMAIL PROTECTED] /home/forevertheuni]# - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP-TLS + LDAP
Em Quinta, 20 de Abril de 2006 16:52, o Alan DeKok escreveu: > sukhvinder kumar <[EMAIL PROTECTED]> wrote: > > So if i comment the line Auth-Type LDAP , then how can > > i authenticate the users as we are using LDAP only. > > EAP-TLS does certificate authentication, and doesn't use, or require > user/password checks. > > So you *can't* use LDAP. hmm so ldap should be in authorize{} and not in authenticate{}? pgp11yyGqS03H.pgp Description: PGP signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Fwd: Fwd: LDAP+EAP
In the TLS/TTLS attenpts or in all of them?The client doesn't have ip right . all the connection is made by the Acess Point? I'll probably try with a windows computer or something.I'm using wpa_supplicant/wpa_gui. and I authenticate with 802.1x in my university ok. On Tuesday 18 April 2006 22:36, Alan DeKok wrote: > [EMAIL PROTECTED] wrote: > > That's xpextensions? I think it's ok now. but I still have not > > authentication (I have a update in http://nebioq.ath.cx:85/radiuslog.txt > > ). I have cert-src.pem cert-clt.pem .der (for both) and .p12(for both) > > with TTLS both freeradius and wpa_supplicant crash now :(. I've read > > everything in freeradius.org/doc ..couldn't find help > > The client isn't responding to the server. Go ask the client why > this is happening. > > There's little you can do to the server to make the client respond to it. > > Alan DeKok. > > > - > List info/subscribe/unsubscribe? See > http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Fwd: LDAP+EAP
I have seen the output of radiusd -X -A It's in http://nebioq.ath.cx:85/radiuslog.txt I've made some other tries I don't if I'm closer or far away from goal. Run the server in debugging mode and read the output. ALL of it. Alan DeKok. -- Mensagem Reencaminhada -- Subject: LDAP+EAP Date: Segunda, 17 de Abril de 2006 20:54 From: João Mamede <[EMAIL PROTECTED]> To: freeradius-users@lists.freeradius.org Well noone gave me a hint about my config...so can someone send me your raddb dir(withouth the secrets and certs of course) of a freeradius+ldap+EAP to authenticate in an access point?I've read all the man's howto's everything I still can't understand why EAP is failing(radtest works ok for my ldap users) Best Regards João Mamede --- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
LDAP+EAP
Well noone gave me a hint about my config...so can someone send me your raddb dir(withouth the secrets and certs of course) of a freeradius+ldap+EAP to authenticate in an access point?I've read all the man's howto's everything I still can't understand why EAP is failing(radtest works ok for my ldap users) Best Regards João Mamede - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
ldap+radius+wpa 802.1x authentication
No help for me?I'm desperate I've lost 3 nights now :D I already have my own certs. Best Regards João Mamede Hi I've been trying to set up my freeradius with my ldap database(all users to authenticate) and I can't authenticate my wireless machines using my AP with EAP. all my config files can be found at http://nebioq.ath.cx:85/radius.tar.bz2 and my radiusd -X -A in http://nebioq.ath.cx:85/radiuslog.txt I've tried EAP-MD5 and EAP-TTLS I'm using the certs that came with freeradius because I'm unable to create new one's(an error about some library or something). I can associate to my AP(d-link DI-624) but then the EAP auth fails. My machine is a freeBSD machine(with the radiusd). Oh radtest: radtest forevertheuni mypassword t4 0 radiussecret Sending Access-Request of id 42 to 192.168.5.100 port 1812 User-Name = "forevertheuni" User-Password = "mypassword" NAS-IP-Address = 255.255.255.255 NAS-Port = 0 rad_recv: Access-Accept packet from host 192.168.5.100:1812, id=42, length=20 Hope you folks can help me! Thanks for any help in advance. João Mamede - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html