David Peterson wrote:
Let me know if this debug is the latest master. It should be but I don't
have personal verification. The EAP issue is persisting as of this version:
I've found a typo pushed a fix.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
marco perugini wrote:
hi list!
i think we found same issue as david: something fails in eap-ttls. my
supplicant is a huawei wimax cpe [that obviously works great on my other
radius server but not the new one...]. we noticed some commit about ttls
so we built master branch from git in the
Subject: Re: EAP problem
David Peterson wrote:
I came up with that conclusion as well. I am going to use my known
good source.
Please also say which supplicant you're using. Knowing *which* software
is broken is useful.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http
I will send a full debug prior to recompiling tomorrow.
David
-Original Message-
From: Arran Cudbard-Bell [mailto:a.cudba...@freeradius.org]
Sent: Friday, July 27, 2012 6:05 PM
To: FreeRadius users mailing list
Cc: David Peterson-WirelessConnections
Subject: Re: EAP problem
On 27 Jul
David Peterson wrote:
I am using an Alvarion WiMax CPE. The CPE works on my other radius server
just not the new one.
I should have known.
Can you at least run radiusd -Xx with the recent git master ?
That will let us know exactly what is going on inside of the TTLS tunnel.
That will
I have a new server giving me fits and I cannot figure out what the heck I
did wrong:
FreeRADIUS Version 3.0.0, for host x86_64-unknown-linux-gnu, built on Jul 27
2012 at 08:55:21
Copyright (C) 1999-2012 The FreeRADIUS server project and contributors.
There is NO warranty; not even for
David Peterson wrote:
I have a new server giving me fits and I cannot figure out what the heck I
did wrong:
Nothing.
(9) ttls : Session established. Proceeding to decode tunneled attributes.
(9) ttls : Tunneled attribute 1 is too short (1 12) to contain anything
useful.
Which
I came up with that conclusion as well. I am going to use my known good
source.
David
-Original Message-
From: Alan DeKok [mailto:al...@deployingradius.com]
Sent: Friday, July 27, 2012 4:54 PM
To: David Peterson-WirelessConnections; FreeRadius users mailing list
Subject: Re: EAP
David Peterson wrote:
I came up with that conclusion as well. I am going to use my known good
source.
Please also say which supplicant you're using. Knowing *which*
software is broken is useful.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On 27 Jul 2012, at 22:24, Alan DeKok al...@deployingradius.com wrote:
David Peterson wrote:
I came up with that conclusion as well. I am going to use my known good
source.
Please also say which supplicant you're using. Knowing *which*
software is broken is useful.
Or even just
Hi,
i use virtual server inner-tunnel in EAP config in PEAP section on
EAP.conf
yes...but you dont have that file in place! look!
No such virtual server inner-tunnel
^
look in your sites-enabled directory.
alan
-
List
i use virtual server inner-tunnel in EAP config in PEAP section on
EAP.conf
THANK YOU WITH BEST REGARDS
AMIN AHOORA
On Sun, Dec 26, 2010 at 9:36 PM, Alan Buxey a.l.m.bu...@lboro.ac.uk wrote:
Hi,
Hi
I have problem with EAP
CAN YOU help me
its fairly obvious if you just
Hi,
Hi
I have problem with EAP
CAN YOU help me
its fairly obvious if you just read the debug output!
you dont have an 'inner-server' virtual server in your config
[peap] Peap state WAITING FOR INNER IDENTITY
[peap] Identity - 12
[peap] Got inner identity '12'
Hi
I have problem with EAP
CAN YOU help me
WARNING:
!!
WARNING: !! EAP session for state 0x90d4d2dd94c2cb92 did not finish!
WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility
WARNING:
amin ahoora wrote:
Hi
I have problem with EAP
CAN YOU help me
WARNING:
!!
WARNING: !! EAP session for state 0x90d4d2dd94c2cb92 did not finish!
WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility
Hi folks,
Now I got a new problem with rlm_eap and the server doesn't start
anymore. You were right, I commented $INCLUDE sites-enabled/ in
radiusd.conf.
So what can I do now?
Best regards
Michael
FreeRADIUS Version 2.1.5, for host i686-pc-linux-gnu, built on Mar 26
2009 at 14:24:27
Hi,
Now I got a new problem with rlm_eap and the server doesn't start
anymore. You were right, I commented $INCLUDE sites-enabled/ in
radiusd.conf.
the errors are clear enough!
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
Now I got a new problem with rlm_eap and the server doesn't start
anymore. You were right, I commented $INCLUDE sites-enabled/ in
radiusd.conf.
So what can I do now?
...
rlm_eap: SSL error error:02001002:system library:fopen:No such file or
directory
rlm_eap_tls: Error reading Trusted
...@lists.freeradius.org
[mailto:freeradius-users-bounces+michael.ziemann=herber-herber...@lists.freeradius.org]
Im Auftrag von a.l.m.bu...@lboro.ac.uk
Gesendet: Freitag, 29. Mai 2009 15:54
An: FreeRadius users mailing list
Betreff: Re: rlm eap problem
Hi,
Now I got a new problem with rlm_eap and the server doesn't
@lists.freeradius.org [mailto:freeradius-
users-bounces+jmdanner=samford@lists.freeradius.org] On Behalf Of
Michael Ziemann
Sent: Friday, May 29, 2009 9:19 AM
To: FreeRadius users mailing list
Subject: AW: rlm eap problem
Hi there,
Yes, of course you were right, the file was named
- Original Message -
From: Ivan Kalik t...@kalik.net
To: Balgansuren Batsukh bal...@boldsoft.mn; FreeRadius users mailing
list freeradius-users@lists.freeradius.org
Sent: Thursday, May 28, 2009 1:34 AM
Subject: Re: Windows XP SP2 and SP3 EAP problem followup
Yes, that's correct
I run Freeradius with radiusd -X then captured logging information and
sent
in previous email.
Is it possible to get some point from this logging information or need
other
way?
I will try other card for testing.
You have established this:
Linksys card + laptop + freeradius = working
BTW, I read Freeradius config there several type of authentication.
1.EAP with PEAP/MSCHAPv2 username/password
2.EAP with TLS.
I little confuse configuration difference between above two type.
Both are configured in the default configuration. Just don't change anything.
EAP-TLS will use
To: Balgansuren Batsukh bal...@boldsoft.mn; FreeRadius users mailing
list freeradius-users@lists.freeradius.org
Sent: Thursday, May 28, 2009 7:25 PM
Subject: Re: Windows XP SP2 and SP3 EAP problem followup
BTW, I read Freeradius config there several type of authentication.
1.EAP with PEAP/MSCHAPv2
Any suggestion Windows XP EAP problem?
What problem would that be? The one with two cards, where one is working
and other isn't? Obviously nothing wrong with Windows or Freeradius.
Supplicant not set up properly or broken, bad card drivers ...
Ivan Kalik
Kalik Informatika ISP
-
List info
Any suggestion Windows XP EAP problem?
What problem would that be? The one with two cards, where one is working
and other isn't? Obviously nothing wrong with Windows or Freeradius.
Supplicant not set up properly or broken, bad card drivers ...
Yes, mail with two cards.
I updated built
Any suggestion Windows XP EAP problem?
What problem would that be? The one with two cards, where one is working
and other isn't? Obviously nothing wrong with Windows or Freeradius.
Supplicant not set up properly or broken, bad card drivers ...
Yes, mail with two cards.
I updated built
: Windows XP SP2 and SP3 EAP problem followup
Any suggestion Windows XP EAP problem?
What problem would that be? The one with two cards, where one is working
and other isn't? Obviously nothing wrong with Windows or Freeradius.
Supplicant not set up properly or broken, bad card drivers ...
Yes
I tried other laptop with different card, but same result?
I wouldn't lose much time over it. Call people who sold you that card,
tell them it's faulty and you want your money back. Then buy another card
that works.
Which just confirms that you shouldn't use that card (another card meaning
Yes, that's correct from other vendor.
You said that you have a Linksys card that works and Intel that doesn't.
What's this third one? Have you tried it on a laptop on which Linksys
works?
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See
Hello,
Any suggestion Windows XP EAP problem?
Balgaa-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello,
I am new to Freeradius world. Last two days trying to use Freeradius + Alcon AP
WPA-Enterprise + Windows XP.
I installed FreeBSD 7.2-STABL with Freeradius 2.1.4 and configured it.
I followed instruction on
http://wiki.freeradius.org/index.php?title=EAP-PEAPredirect=no and
K. Hoercher wrote:
On 9/20/06, Florian Prester [EMAIL PROTECTED] wrote:
Also I have some questions about eap at all. How should it work
correctly. because I see up to 10 Authentication-Requests until the
client is authenticated correctly. For example the client wants to do
EAP-PEAP
Hi,
hm digging around in the source I'm not able to really isolate a cause
for that behaviour with certainity. Would you care to provide (in
order of descending helpfulness):
- full debug output (all ongoing requests and challenges)
- including the EAP-Message contents
- users file, eap.conf
-
Hi,
firstly, we are using Freeradius for all kind of authentications - and
It works very good!! - Good Job to all of you.
But, lately we have some EAP-Problems mostly with windows-clients.
If a user authenticated correctly, after some time he gets disconnected
and tries to reauthenticate,
On 9/20/06, Florian Prester [EMAIL PROTECTED] wrote:
Also I have some questions about eap at all. How should it work
correctly. because I see up to 10 Authentication-Requests until the
client is authenticated correctly. For example the client wants to do
EAP-PEAP (Windows-client), but the radius
Hi !
Upgrading from 1.1.1 to 1.1.2 and now I get this error message :
Thu Jun 1 12:26:22 2006 : Info: rlm_eap_tls: Loading the certificate file
as a chain
Thu Jun 1 12:26:22 2006 : Error: rlm_eap: SSL error error:02001002:system
library:fopen:No such file or directory
Thu Jun 1 12:26:22
Title: Re: EAP problem
You _cannot_ read the unicodePwd attribute (where the actual passwd
lies) from AD. It can only be written to, and then only under certain
conditions (SSL/TLS connection, and if not written by an admin, then a
delete/add must be performed in the same operation
Graham, Robert [EMAIL PROTECTED] wrote:
rlm_eap: Identity does not match User-Name, setting from EAP Identity
I did more searches on this error, and tried several suggestions, from
using the hints file:
DEFAULT Prefix == MEM\\, Strip-User-Name = Yes
That would cause the problem.
The
Title: FW: Re: EAP problem
Alan, Thanks for the response.
Do you mean EAP-MD5? I'm not sure what MD5-Challenge is...
Yes - EAP-MD5, The windows side (supplicant) is set to MD5-Challenge
I did get EAP to work when I supply the User-Password attribute in the users file, but I would
Title: Re: EAP problem
I am still having an issue autheniticating a user with EAP. I think Alan, has pointed out the issue in his previous reply, about LDAP not retrieving the User-Password from Active Directory. My understanding (as little as it may be) of the ldap section
Graham, Robert [EMAIL PROTECTED] wrote:
shouldn't the section:
rlm_ldap: looking for check items in directory...
rlm_ldap: looking for reply items in directory...
rlm_ldap: user rgraham authorized to use remote access
have something that reflects userpassword retrieved (rlm_ldap:
Title: Re: EAP problem
I'm I correct to state that the password_attribute = userPassword in the ldap section causes ldap to retrieve the user's password out Active Directory? and if so, what I am doing wrong. The only thing that I can thing of is the mapping in the ldap.attrmap file which I
Graham, Robert [EMAIL PROTECTED] wrote:
I'm I correct to state that the password_attribute =3D userPassword in
the ldap section causes ldap to retrieve the user's password out Active
Directory?
No. Messages in the past few days have said you can't get passwords
from AD. It's impossible.
Title: Re: EAP problem
No. Messages in the past few days have said you can't get passwords
from AD. It's impossible.
You have to use ntlm_auth. See radiusd.conf
Alan DeKok.
This still doesn't make any since. I have ntlm_auth enable, and it is working fine autheniticating our vpn users
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You _cannot_ read the unicodePwd attribute (where the actual passwd
lies) from AD. It can only be written to, and then only under certain
conditions (SSL/TLS connection, and if not written by an admin, then a
delete/add must be performed in the same
Title: EAP problem
Hello list,
I have freeradius configured to authenicate users against active directory with ms-chap and can also do ldap group searches, all that is working great. Now what I need to do is implement 802.1x port authenication on our foundry switches and I'm running
Graham, Robert [EMAIL PROTECTED] wrote:
Is this setup even possible?
Do you mean EAP-MD5? I'm not sure what MD5-Challenge is...
I did get EAP to work when I supply the User-Password attribute in the
users file, but I would like LDAP to fetch this if it is possible.
If you're using LDAP,
Hi, all
I tried to control access using MAC address. If user profile stored in
/etc/raddb/users, it works. But when I migrate to PostgreSQL, it stop working.
I have the following 2 entries in radcheck table:
1 | Vincent | Auth-Type | := | EAP
5 | Vincent | Calling-Station-Id | == |
49 matches
Mail list logo