On Sun, Jun 2, 2013 at 9:10 PM, Kostya kosty...@gmail.com wrote:
I am trying to set up a WPA2 Enterprise protected network with FreeRadius
as the radius server.
I have configured everything and it was working fine. Then I realised that
I need to use LEAP to replicate a specific environment
Hi
I am trying to set up a WPA2 Enterprise protected network with FreeRadius
as the radius server.
I have configured everything and it was working fine. Then I realised that
I need to use LEAP to replicate a specific environment to test.
I am struggling with this for the entire day, I tried many
Kostya wrote:
I am trying to set up a WPA2 Enterprise protected network with
FreeRadius as the radius server.
I have configured everything and it was working fine. Then I realised
that I need to use LEAP to replicate a specific environment to test.
You should avoid LEAP. It's insecure.
I
The client is ipad mini, it has a leap option. I will check it tomorrow
again.
On Jun 3, 2013 12:41 AM, Alan DeKok al...@deployingradius.com wrote:
Kostya wrote:
I am trying to set up a WPA2 Enterprise protected network with
FreeRadius as the radius server.
I have configured everything
Hi all.
I am trying to connect to a network, via LEAP authentication.
When I open 192.168.1.1 (IP address of my router), and visit the wireless
section, I see that there are four different options
1. Radius
2. WPA Enterprise
3. WPA2 Enterprise
4. WPA/WPA2 Enterprise
2., 3., 4. are obvious. I
Ajay Garg wrote:
I am trying to connect to a network, via LEAP authentication.
Don't. LEAP is insecure and SHOULD NOT be used.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
LEAP is an older form of 802.1X authentication method...superseded by PEAP,
TTLS etc. You need to define a RADIUS server and use WPA/enterprise or
WPA2/enterprise, or the LEAP option if your kit supports it (its sometimes
listed separately) WEP is not LEAP.
alan
-
List info/subscribe
Hi,
Would greatly someone's help on this. I need free radius to authenticate with
using wpa.
From the local radtest I can see, it is authenticating fine but when testing
with a wpa device, this is the error m getting on the debug log:
I just need it to work from wireless device, I think it is
It does. It is a Aironet 350 device and it has
internal RADIUS as well, which we are able to
authenticate against(using LEAP).
Is this for WLSE authentication to the AP? If not,
do you have other options other than LEAP? If so,
avoid LEAP as many others have said.
-
List info/subscribe
.nabble.com/LEAP-Authentication-tp4475314p4536058.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
pesho wrote:
Is it possible that the problem is with the Access Point? I tried to
authenticate using the native windows client and the Verizon Wireless
Manager and I can see the same behaviour... no answer to the
Access-Challenge.
Don't use LEAP. Use another authentication method.
Alan
I guess this is kind of solution, but we would like to have the LEAP running
as well. Any other suggestions?
Thanks.
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/LEAP-Authentication-tp4475314p4536546.html
Sent from the FreeRadius - User mailing list archive
pesho wrote:
I guess this is kind of solution, but we would like to have the LEAP running
as well. Any other suggestions?
Don't run LEAP.
LEAP requires support from the access point. If the documentation for
the AP doesn't say it supports LEAP, it won't work.
The recommendation
Hi,
I guess this is kind of solution, but we would like to have the LEAP running
as well. Any other suggestions?
i ran up a default FreeRADIUS install, enabled LEAP, had a device
doing LEAP against the 802.1X AP and it just worked. does
your AP understand LEAP?
alan
-
List info/subscribe
It does. It is a Aironet 350 device and it has internal RADIUS as well, which
we are able to authenticate against(using LEAP).
--
View this message in context:
http://freeradius.1045715.n5.nabble.com/LEAP-Authentication-tp4475314p4536908.html
Sent from the FreeRadius - User mailing list archive
-To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Subject: Re: LEAP Authentication?
It does. It is a Aironet 350 device and it has internal RADIUS as well, which
we are able to authenticate against(using LEAP).
--
View this message in context:
http://freeradius.1045715.n5.nabble.com
Yes, you can get LEAP to work with Cisco and some other devices, but
LEAP is a flawed proprietary protocol. When analyzed and found
subject to offline dictionary attacks Cisco circled the wagons and
threw FUD until FAST was developed and deployed. LEAP has never been
publically
Hi,
I'm unable to authenticate using the LEAP method. All the other EAP methods
are working fine.
Thanks in advance for your help. Here is the output from radiusd -X:
FreeRADIUS Version 2.1.10, for host i386-redhat-linux-gnu, built on Oct 19
2010 at 19:44:13
Copyright (C) 1999-2009
Hi,
I installed freeradius and have radtest passed. Playing with it with Cisco
gears. The system includes freeRadius (ip: 60.60.0.9 on vlan 660) and Cisco
controller(ip: 60.62.0.11)/AP (on vlan 662). Using a Windows 7 laptop +
Intel 6200 wifi chipset as the client.
I understand LEAP
) and Cisco
controller(ip: 60.62.0.11)/AP (on vlan 662). Using a Windows 7 laptop +
Intel 6200 wifi chipset as the client.
I understand LEAP is not secure, but it is simple, so this is just hope see
if they can all work together. However, client was unable to connect. Here
are the debug outputs
Hi,
Hmmm. probably not the case, here is my 'users' file:
isnt it a little more obvious than that?
Ignoring EAP-Type/tls because we do not have OpenSSL support.
Ignoring EAP-Type/ttls because we do not have OpenSSL support.
Ignoring EAP-Type/peap because we do not have
ah but this is LEAP I am testing, which does not require OPENSSL
support.
In wiki page, http://wiki.freeradius.org/Rlm_eap
===
INSTALLATION
EAP, EAP-MD5, and Cisco *LEAP* do not require any additional packages. *
FreeRADIUS* http://wiki.freeradius.org/FreeRADIUS contains all the
required
Thanks Alan. After installing openssl development package, libssl-dev, for
ubuntu 10.10, and recompiling freeradius. I now have PEAP MSCHAPv2 working,
client connecting good.
Though LEAP still not working (with same id/pw), but I will figure out that
later and play with certificates stuffs first
David Jea wrote:
ah but this is LEAP I am testing, which does not require OPENSSL
support.
Yes. The only reason LEAP doesn't work is that the password you gave
the server doesn't match the password you entered on the client.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http
Hi,
We are using freeRADIUS-1.1.6 talk with AD. It can work if we use
EAP-peap(mschap-v2). Now I want to use Leap in client. But got failed. Can
Leap + freeRADIUS + AD support in freeRADIUS-1.1.6 or new version?
Thanks.
John
John wrote:
Hi,
We are using freeRADIUS-1.1.6 talk with AD. It can work if we use
EAP-peap(mschap-v2). Now I want to use Leap in client. But got failed.
Can Leap + freeRADIUS + AD support in freeRADIUS-1.1.6 or new version?
LEAP requires that the access points support LEAP. They don't
Hi!
I have set up a freeradius server, which are pointed to by my Linksys
WRT54GL router. Everything seems to work with LEAP authentication, such as
radtest from localhost and also from my laptop (When router is running WPA2
Personal, and i can connect to the network). The problem comes when i
I have set up a freeradius server, which are pointed to by my Linksys
WRT54GL router. Everything seems to work with LEAP authentication, such as
radtest from localhost and also from my laptop (When router is running
WPA2
Personal, and i can connect to the network). The problem comes when i
with freeRADIUS and LEAP
I have set up a freeradius server, which are pointed to by my Linksys
WRT54GL router. Everything seems to work with LEAP authentication, such as
radtest from localhost and also from my laptop (When router is running
WPA2
Personal, and i can connect to the network
Dear All,
I trying to authenticate a wireless client using LEAP auth type and have
configured the AP to use hostapd-0.5.9 as authenticator.as follows:
wireless client -- hostapd-0.5.9 ---
freeradius-2.1.1
windows-XP based authenticator
Prasad Parab wrote:
Dear All,
I trying to authenticate a wireless client using LEAP auth type and have
configured the AP to use hostapd-0.5.9 as authenticator.as
follows:
wireless client -- hostapd-0.5.9 ---
freeradius-2.1.1
windows-XP based
Gaurav Bandekar wrote:
I wanted to know how to configure EAP-LEAP on FreeRadius Server.
Use the default configuration.
Tell the server a known good password for the user. e.g. the FAQ
gives an example.
Once that's done, LEAP will work.
Alan DeKok.
-
List info/subscribe/unsubscribe
Hi,
I wanted to know how to configure EAP-LEAP on FreeRadius Server.
The following are the configuration settings done.
1. clients.conf - added the client AP.
2. radiusd.conf -
modules
On Fri, 2007-01-05 at 11:48 +0100, Mark Hollenbeck wrote:
Hallo,
there has been a problem with Cisco WLSE LEAP authentication for WDS
with an older version of freeRADIUS. Is this problem still there, or has
it been fixed in the meantime?
ISTR that the problem is that the Cisco WLSE isn't
Hallo,
there has been a problem with Cisco WLSE LEAP authentication for WDS
with an older version of freeRADIUS. Is this problem still there, or has
it been fixed in the meantime?
Thanks a lot
Mark
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Mark Hollenbeck wrote:
there has been a problem with Cisco WLSE LEAP authentication for WDS
with an older version of freeRADIUS. Is this problem still there, or has
it been fixed in the meantime?
What is the problem?
Alan DeKok.
--
http://deployingradius.com - The web site
Hi,
Does free radius support PEAP/LEAP
802.1x authentication?
yes, of course it does.
How can i configure it?
I'd start by reading the documentation. Then you'd want to plan on how to
implement it. make sure the required parts of, eg eap.conf are configured
and make sure that the required
Does free radius support PEAP/LEAP
802.1x authentication?
How can i configure it?
- Original Message -
From: Michael Griego [EMAIL PROTECTED]
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Sent: Tuesday, June 06, 2006 7:52 PM
Subject: Re: PEAP authentication
Hi ,
Please use the latest version of FreeRADIUS (1.1.0). This includes
the the eDirectory integration and you should be able to set up LEAP
authentication with it. Please refer to the following links which
contain documentation on eDirectory integration with FreeRADIUS.
http://www.novell.com
We are having problems getting leap to authenticate. We are using FreeRadius
0.9.3, Cisco Arionet 1200 and eDir as a back end.
Here is our config file:
!
version 12.3
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
John Peebles [EMAIL PROTECTED] wrote:
We are having problems getting leap to authenticate. We are using
FreeRadius 0.9.3, Cisco Arionet 1200 and eDir as a back end.
I suggest you upgrade to 1.1.0. It has a *lot* of security fixes,
and eDir integration, too.
here is the error message we get
I would like to proxy leap authentication requests to a non-leap compatible
radius server. This is a feature of the Cisco ACS product that I was hoping
FreeRadius would be able to do.
I have eap\leap working with my lab wireless access point using the local
users file. I have a realm setup
[EMAIL PROTECTED] wrote:
1) Does the current FreeRadius download have this capability and I just
need to configure it correctly?
No.
3) [to the developers] In the processing eap\leap authentication request
within
the code does the username and password get decoded to plain text
Hi everyone, is me again!!
I have a question about freeradius 1.0.4. With LEAP protocol, the last
packet sent by the server has a leap-session-key. Does anybody knows
how this key is generated? Thank you very much!!!
Juan Daniel MORENO
-
List info/subscribe/unsubscribe? See http
Juan Daniel Moreno [EMAIL PROTECTED] wrote:
I have a question about freeradius 1.0.4. With LEAP protocol, the last
packet sent by the server has a leap-session-key. Does anybody knows how
this key is generated? Thank you very much!!!
doc/rfc/leap.txt
Or, the source code.
Alan DeKok
Hello
Were Can I found patches for cisco wlse work ?
Marc
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Marc-Henri Boisis-delavaud wrote:
Hello
Were Can I found patches for cisco wlse work ?
Marc
Huh... my best guess would be cisco.com :)
--
Groeten, Regards, Salutations,
Thor Spruyt
M: +32 (0)475 67 22 65
E: [EMAIL PROTECTED]
W: www.thor-spruyt.com
www.salesguide.be
www.telenethotspot.be
-
-mem-patch
7. Apply the rlm_leap patch: cd
freeradius-1.0.0/src/modules/rlm_eap/types/rlm_leap, patch
/patchdir/freeradius-1.0.0-leap-patch
Configure and compile as usual.
Thanks should be given to Richard Timsit and John Koen for their
assistance in providing/testing these patches.
Best Regards
, August 29, 2005 6:44 PM
Subject: Re: wlse leap patches
Here are the patches. These were made against FreeRadius 1.0.0 Here's how
to apply them:
1. mkdir patchdir, cd patchdir
2. gzip -dc freeradius-1.0.0-wlse-patches.tar.gz |tar -xvf -
3. Grab the FreeRadius-1.0.0 source code and extract it.
4
Hi everybody again,
I would like to know if any of you has somme information about LEAP and
PEAP protocols. Does any RFC about them exist? I find nothing in the
net. Thanks you!!!
Juan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Juan Daniel Moreno [EMAIL PROTECTED] wrote:
I would like to know if any of you has somme information about LEAP and PEAP
protocols. Does any RFC about them exist? I find nothing in the net. Thanks
you!!!
doc/rfc/*
Alan DeKok.
-
List info/subscribe/unsubscribe? See http
LEAP is a proprietary protocol of Cisco's. They have never published a spec,
but it has been reverse engineered. (use Google)
It is severely flawed.
PEAP is in an Internet Draft (v2), but what Microsoft has implemented (v0) and
what Cisco supports(v1) are two different derivations of previous
FreeRadius users mailing list freeradius-users@lists.freeradius.org on
August 12, 2005 at 09:04 -0800 wrote:
LEAP is a proprietary protocol of Cisco's. They have never published a
spec, but it has been reverse engineered. (use Google)
It is severely flawed.
What he said.
PEAP is in an Internet
Ehlo
We are usign Cisco1200 AP for roaming, but AP needs to auth into radius.
Because CISCO it must use LEAP. But it fails on this
rlm_eap: EAP/leap
rlm_eap: processing type leap
rlm_eap_leap: No User-Password or NT-Password configured for this user
rlm_eap: Handler failed in EAP/leap
Luis Daniel Lucio Quiroz [EMAIL PROTECTED] wrote:
uid: AP-DATI
userrPassword: cisco1234
sambaNTPassword: 3B298390489F668CA3C38047C7FE1266
sambaLMPassword: 8BE57A0FA91F460C19F10A933D4868DC
How should I fix this?
Add the following to ldap.attrmap:
checkItem NT-Password
-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Luis
Daniel Lucio Quiroz
Sent: Mittwoch, 01. Juni 2005 01:07
To: freeradius-users@lists.freeradius.org
Subject: LEAP
Ehlo
We are usign Cisco1200 AP for roaming, but AP needs to auth into radius.
Because CISCO it must use LEAP
hi,
I have a problem on Freeradius 1.0.2.
I have two configuration:
1- PDA microsoft pocket PC --- AP Cisco --- Freeradius 1.0.2
2- PDA microsoft pocket PC 2003 --- AP Cisco -- Freeradius 1.0.2
The configuration one functions without problem in EAP-LEAP.
An error on the configuration two saying
hello,
I have a problem on Freeradius 1.0.2.
I have two configuration:
1- PDA microsoft pocket PC --- AP Cisco --- Freeradius 1.0.2
2- PDA microsoft pocket PC 2003 --- AP Cisco -- Freeradius 1.0.2
The configuration one functions without problem in EAP-LEAP.
An error on the configuration two
hese patches in place on my own?
Also, has anyone written up a how-to for Cisco WDS LEAP auth setup with Freeradius? If not, I'm willing to do so, provided I can get questions answered by those fine folks who've made it work so far. I'm looking forward to showing the local Cisco guys that Freeradius
: Is there some kind of trick to make Cisco LEAP work???
Hello Folks,
All I can say is WOW! Too be quite honest I had given
up on making FreeRadius work with Cisco's WDS and WLSE. In
my particular situation we also had a licensed Cisco ACS 3.x
(now 3.3) server however, we weren't
James,
We have gotten LEAP to work with Cisco access points. My last posting
on the subject might help if you haven't gotten there yet...
However, we have not been able to get LEAP for Cisco's WDS worked out.
All of the access points in the group authenticate successfully, but
the WLSE
network
considering it also provides authentication services to the rest of our
network resources. That's were I saw FreeRadius as an excellent fit.
To update my original post I had gotten LEAP to work with clients
(after the fact). My problem was I fooled with trying to get WDS LEAP
Dear FreeRadius Users,
We have two Aironet 350 bridges in a point-to-point config. We use Cisco-LEAP to get
dynamic keys (unfortunately, LEAP is the only EAP protocol those bridges know). We
have been using FreeRadius 0.9.3 with this setup and it was working fine. We just
upgraded
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Alan DeKok
Sent: Wednesday, September 22, 2004 7:22 PM
To: [EMAIL PROTECTED]
Subject: Re: LEAP stopped working
Matanya Elchanani [EMAIL PROTECTED] wrote:
We have two Aironet 350 bridges in a point-to-point config. We use
Richard,
Thanks for that input, it sounds very straightforward to me. I'll try
your patches on Tuesday (Monday is a holiday here). Have you brought
this up with Cisco? If not, I will open a case next week. I'd like to
know whether Cisco's leap/eap developers intended for the ID
James,
We have gotten LEAP to work with Cisco access points. My last posting
on the subject might help if you haven't gotten there yet...
However, we have not been able to get LEAP for Cisco's WDS worked out.
All of the access points in the group authenticate successfully
James,
We have gotten LEAP to work with Cisco access points. My last posting
on the subject might help if you haven't gotten there yet...
http://lists.freeradius.org/pipermail/freeradius-users/2004-August/
035601.html
However, we have not been able to get LEAP for Cisco's WDS worked out
Coates Carter wrote:
James,
We have gotten LEAP to work with Cisco access points. My last posting
on the subject might help if you haven't gotten there yet...
I was just wondering, would this type of setup still be vulnerable to this:
http://asleap.sourceforge.net/
Should LEAP be used in any
the horse (Cisco's WLSE leap/eap/radius client being the horse).
The state is meaningless, other than a series of bytes which the
server interprets. It's implementation-specific, and the NAS thinks
it means anything.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org
Adam Shelley [EMAIL PROTECTED] wrote:
I was just wondering, would this type of setup still be vulnerable to this:
http://asleap.sourceforge.net/
Should LEAP be used in any production environment to ensure security on
wireless links?
It's no more vulnerable than MS-CHAP, except that MS
Yes
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alan
DeKok
Sent: Tuesday, August 31, 2004 2:01 PM
To: [EMAIL PROTECTED]
Subject: Re: [OT] Should anyone even use LEAP
Adam Shelley [EMAIL PROTECTED] wrote:
I was just wondering, would this type
Hi Adam,
If any other alternative exists, then LEAP should not be used. As
you've pointed out, LEAP is vulnerable to known published attacks. Even
Cisco recommends (their version of ;-) PEAP. Given the requirements
placed upon the AP, LEAP is also effectively constrained to Cisco APs
ASLEAP uses an offline dictionary attack to crack LEAP passwords. Best
practice to use when deploying LEAP is strong user passwords.
Amos
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alan
DeKok
Sent: Tuesday, August 31, 2004 2:01 PM
To: [EMAIL
to use a weaker mechanism.
Regards,
Guy
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Amos Gregory
Sent: 31 August 2004 21:58
To: [EMAIL PROTECTED]
Subject: RE: [OT] Should anyone even use LEAP
ASLEAP uses an offline dictionary attack
Thanks Matt Sapp,
I hadn't seen this before, and it solved my latest problem. Apparently the 0x prefix lets the appropriate rlm know that the value is already a hash, not to recalculate. I tried the following three simplified examples to demonstrate that what you said is true
Jan Satko [EMAIL PROTECTED] wrote:
It is same problem that was recent;y reported by me. Forcing set
EAP-Type doesn't work correctly. I have reported that I have 1.0.0-pre3
version. But I don't have any response yet from you.
All I know is that it works in my tests. I'll see if I can have
Dietmar Romer [EMAIL PROTECTED] wrote:
I tried this, but it does not work. The files-module is called before the
eap-module; it always returns ok, regardless of the EAP-Type := LEAP.
Did you try it in 1.0.0-pre3?
The feature was added, and tested by me (though not recently).
Alan
hideck [EMAIL PROTECTED] wrote:
NG uesrs file config
---
test NT-Password := 0CB6948805F797BF2A82807973B89537
---
test NT-Password := 0x0CB6948805F797BF2A82807973B89537
to restrict a user to use LEAP only:
user99 Auth-Type := EAP, User-Password == test, EAP-Type := LEAP
Service-Type = Framed-User
This does not work either, he can still use MD5.
I'm not sure that's supported in 0.9.3. It *is* supported in 1.0.0,
but you'll have to list the files
Hi List,
I have a trouble in EAP-LEAP authentification in FreeRADIUS, while an
ordinary User-Password attribute works fine. Namely, when I enabled
and configured NT-Password attribute in the 'users' file as in the
below, I got 'Authentication fail'.
I appreciate any advice/hint to resolve
Original Message Follows
From: Tony Sciortino [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Freeradius using leap and ldap
Date: Thu, 1 Jul 2004 00:24:14 -0400
I am very close to getting freeradius to work with leap and ldap but I can
not seem to close
Tony Sciortino wrote:
rlm_ldap: LDAP lmPassword mapped to RADIUS LM-Password
rlm_ldap: LDAP ntPassword mapped to RADIUS NT-Password
rlm_ldap: LDAP racfPassword mapped to RADIUS User-Password
rlm_ldap: bind as
racfid=admin,profiletype=USER,dc=racf,o=riteaid.com/mypass to
James D. Munroe [EMAIL PROTECTED] wrote:
Has anyone tried or successfully been able to get Cisco-Leap to work
using FreeRadius?
Lots of people. That's why the feature is there. It's been used
for over a year now.
If you can't get LEAP to work, I suggest running the server in
debugging
Hi,
I have the following set up in my radiusd to get auth results. With
other EAP types like peap, ttls, etc. I get Access-Accepts also logged
in the reply_log. For LEAP, I am not getting it. From debug run, I
don't see post-auth getting called at all. How can I fix to get the
post-auth
not called with LEAP
Hi,
I have the following set up in my radiusd to get auth results. With
other EAP types like peap, ttls, etc. I get Access-Accepts also
logged
in the reply_log. For LEAP, I am not getting it. From debug run, I
don't see post-auth getting called at all. How can I fix to get
Hi,
The attached patch allows me to get the post-auth called in
Access-Accept when LEAP is used. In the rad_authenticate routine from
auth.c returns without going further to call rad_postauth if the called
to rad_check_password returns with RLM_MODULE_HANDLED. In the
eap_compose routine
Timothy Tan [EMAIL PROTECTED] wrote:
Just a quick question about LEAP. Am I right to say that as long as the
client wlan card supports LEAP, I just need any 802.1x compatible AP to
pass through the LEAP request to the FreeRADIUS server? Or do I need to
use a Cisco-only AP?
The AP needs
Hi everyone.
Had some problem with my email accounts and subscription... anyway,
Just a quick question about LEAP. Am I right to say that as long as the
client wlan card supports LEAP, I just need any 802.1x compatible AP to
pass through the LEAP request to the FreeRADIUS server? Or do I need
Alan DeKok wrote:
...
modcall: entering group authenticate for request 2
rlm_eap: EAP packet type notification id 3 length 15
rlm_eap: EAP Start not found
rlm_eap: EAP Identity
rlm_eap: processing type leap
rlm_eap_leap: Stage 2
And the client is re-starting EAP.
That isn't good
help!
Regards
Jens Iwo Riecken
Environment:
freeradius-0.9.3
DWL-2100AP (AccessPoint)
DWL-G520 (Wirless Adapter)
Client OS W2k SP4 w/ 802.1x service enabled
Client-side config:
Authentication: WPA
SSID: pwlz001
EAP Type: LEAP
AP-side config:
Authentication: WPA
WPA Mode: EAP
Cipher Type: AUTO (AES
Jens Riecken [EMAIL PROTECTED] wrote:
modcall: entering group authenticate for request 1
rlm_eap: EAP packet type notification id 1 length 42
rlm_eap: EAP Start not found
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - leap
rlm_eap: processing type leap
I have everything up and running properly, and I am
encounterin a minor problem inherent in ACU. When a
device using LEAP is removed from the wireless
coverage area, a prompt for LEAP username password
is displayed. If you click cancel, it pops up every 60
seconds.
The only way to discontinue
their windows
login and userid and they won't ever see a login. If these are Linux PC's
using the cisco ACU for linux I have never used it but I would switch to
another supplicant and use PEAP. Unless you have an overriding need to use
LEAP you might want to consider migrating to PEAP instead, even Cisco
On Fri, 26 Mar 2004, Steve OBrien wrote:
Is it possible to use LDAP to authenticate LEAP clients? If so does anyone have the
particulars?
TIA,
Steve
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
If you have clear text passwords in your ldap and set
Is it possible to use LDAP to authenticate LEAP clients? If so does anyone have the particulars?
TIA,
Steve
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
for VPN and ssh authentication. I now need it to do LEAP authentication
as well, is this possible?
Basile Mathieu [EMAIL PROTECTED] wrote:
is it possible to use leap and ldap ?
( is there a problem with encrypt passsword? )
Yes. LEAP needs a clear-text password, or an NT password.
when i configure my freeradius to use ldap , with raddtest i have an
access-accept
even if i add
I do not necessarily know how to implement mschap,
it is actually (Secured password (EAP-MSCHAP v2) on the Orinoco
gold card. The only thing I have set up in free radius that works is LEAP so
far. Lets start from the beginning: I downloaded freeradius 0.9.3 and
unzipped it. After
Brian Schuetz [EMAIL PROTECTED] wrote:
...
The same thing again.
If you're not going to read the replies to your messages, then don't
post those messages to the list.
I already answered your message. Go back and read that answer.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Alan DeKok
No, it is NOT the same thing again. I have read ALL replies and you have
not responded until NOW, therefore your assumption is WRONG. I gave you
more information. LOOK AGAIN. I do not appreciate your tone in your email
-
List info/subscribe/unsubscribe? See
1 - 100 of 119 matches
Mail list logo