freeradius v.2.0.1 and Cisco 1200AP IOS V.12.3
Greetings I have been working with freeradius v.2.0.1 and a Cisco 1200 Series Access Point (version 12.3 IOS) for many months now with no success to getting this working. I am doing research on freeradius product for a univeristy campus that I go to for implementation in the near future. I am out of ideas of how to configure this correctly. I still to this day do not have my Cisco 1200 AP authenticating with freeradius version 2.0.1. Does anyone have a configuration setup of this type of scheme or are willing to tell me how to start from ground up to make this work. My plan is simple at this point. I want to use freeradius, a Cisco 1200 Series Access Point, and one windows xp pro client to connect to the AP and authenticate against freeradius. I appreciate any input on this matter. Thanks again open source community. Dave _ Shed those extra pounds with MSN and The Biggest Loser! http://biggestloser.msn.com/- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius v.2.0.1 and Cisco 1200AP IOS V.12.3
Dave Cummings wrote: Greetings I have been working with freeradius v.2.0.1 and a Cisco 1200 Series Access Point (version 12.3 IOS) for many months now with no success to 2.0.1 has not been out for many months getting this working. I am doing research on freeradius product for a univeristy campus that I go to for implementation in the near future. I am out of ideas of how to configure this correctly. I still to this day do not have my Cisco 1200 AP authenticating with freeradius version 2.0.1. Does anyone have a configuration setup of this type of scheme or are willing to tell me how to start from ground up to make this work. My plan is simple at this point. I want to use freeradius, a Cisco 1200 Series Access Point, and one windows xp pro client to connect to the AP and authenticate against freeradius. I appreciate any input on this matter. Thanks again open source community. Lots of people have done this. However, you haven't given enough info for us to help you. In fact, you've given *NO* info. See here: http://linuxmafia.com/faq/Essays/smart-questions.html Also, have you tried running the server in debug mode, as documented in the README? This will tell you what the server is doing when things aren't working. When installing FreeRadius 2.0.1, the only thing you should need is to add this to /etc/raddb/users usernameCleartext-Password := thepassword ...and it should work. If it doesn't, by far the most likely explanation is that you have the Cisco AP configured incorrectly; you will need to examine the Cisco documentation, this is not a Cisco support list. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius v.2.0.1 and Cisco 1200AP IOS V.12.3
Hi, When installing FreeRadius 2.0.1, the only thing you should need is to add this to /etc/raddb/users username Cleartext-Password := thepassword ..and the clients file (and maybe even the firewall on the server! ;-) ) so that the AP acting as a NAS can talk to FR :-) ...and it should work. If it doesn't, by far the most likely explanation is that you have the Cisco AP configured incorrectly; you will need to examine the Cisco documentation, this is not a Cisco support list. agreed. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius v.2.0.1 and Cisco 1200AP IOS V.12.3
Hi, I have been working with freeradius v.2.0.1 and a Cisco 1200 Series Access Point (version 12.3 IOS) for many months now with no success to getting this working. I am doing research on freeradius product for a univeristy campus that I go to for implementation in the near future. I am out of ideas of how to configure this correctly. I still to this day do not have my Cisco 1200 AP authenticating with freeradius version 2.0.1. Does anyone have a configuration setup of this type of scheme or are willing to tell me how to start from ground up to make this work. My plan is simple at this point. I want to use freeradius, a Cisco 1200 Series Access Point, and one windows xp pro client to connect to the AP and authenticate against freeradius. I appreciate any input on this matter. Thanks again open source community. most of us would simply follow the FreeRADIUS EAP-TLS guide (which covers PEAP etc too!) - which works 'out of the box' when you do a make install and run it for the first time, followed by following the cisco document on how to configure WPA for the 1200 series AP. then, configure FreeRADIUS client.conf to allow the AP to talk to the FR server install the FR CA cert onto the Windows client. et voila. thats most of the work done (or all of it if you EAP-TLS) so. what exactly is your problem? have you followed the cisco docs so that your AP is configured to do WPA and has the RADIUS server configured ? whats the debug output from your FR daemon? alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius v.2.0.1 and Cisco 1200AP IOS V.12.3
I have found a Cisco document (FAQ-Wireless-Security.pdf) with the following statement: Q. Why does MAC authentication not work with Wi−Fi Protected Access (WPA) in Cisco IOS Software Release 12.3(8)JA2? A. The only level of security for MAC authentication is to check the MAC address of the client against a list of permitted MAC addresses. This is considered very weak. In earlier Cisco IOS Software releases, you could configure MAC authentication and WPA to encrypt the information. But because WPA itself has a MAC address that checks, Cisco decided not to allow this type of configuration in later Cisco IOS Software releases and decided only to improve security features. Regards, John On 5 Feb 2008, at 20:04, [EMAIL PROTECTED] wrote: Hi, When installing FreeRadius 2.0.1, the only thing you should need is to add this to /etc/raddb/users usernameCleartext-Password := thepassword ..and the clients file (and maybe even the firewall on the server! ;-) ) so that the AP acting as a NAS can talk to FR :-) ...and it should work. If it doesn't, by far the most likely explanation is that you have the Cisco AP configured incorrectly; you will need to examine the Cisco documentation, this is not a Cisco support list. agreed. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html