Re: Getting DD-WRT to work with FreeRadius and LEAP authentication

On Sun, Jun 2, 2013 at 9:10 PM, Kostya kosty...@gmail.com wrote: I am trying to set up a WPA2 Enterprise protected network with FreeRadius as the radius server. I have configured everything and it was working fine. Then I realised that I need to use LEAP to replicate a specific environment

Getting DD-WRT to work with FreeRadius and LEAP authentication

Hi I am trying to set up a WPA2 Enterprise protected network with FreeRadius as the radius server. I have configured everything and it was working fine. Then I realised that I need to use LEAP to replicate a specific environment to test. I am struggling with this for the entire day, I tried many

Re: Getting DD-WRT to work with FreeRadius and LEAP authentication

Kostya wrote: I am trying to set up a WPA2 Enterprise protected network with FreeRadius as the radius server. I have configured everything and it was working fine. Then I realised that I need to use LEAP to replicate a specific environment to test. You should avoid LEAP. It's insecure. I

Re: Getting DD-WRT to work with FreeRadius and LEAP authentication

The client is ipad mini, it has a leap option. I will check it tomorrow again. On Jun 3, 2013 12:41 AM, Alan DeKok al...@deployingradius.com wrote: Kostya wrote: I am trying to set up a WPA2 Enterprise protected network with FreeRadius as the radius server. I have configured everything

Query regarding LEAP-authentication

Hi all. I am trying to connect to a network, via LEAP authentication. When I open 192.168.1.1 (IP address of my router), and visit the wireless section, I see that there are four different options 1. Radius 2. WPA Enterprise 3. WPA2 Enterprise 4. WPA/WPA2 Enterprise 2., 3., 4. are obvious. I

Re: Query regarding LEAP-authentication

Ajay Garg wrote: I am trying to connect to a network, via LEAP authentication. Don't. LEAP is insecure and SHOULD NOT be used. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Query regarding LEAP-authentication

LEAP is an older form of 802.1X authentication method...superseded by PEAP, TTLS etc. You need to define a RADIUS server and use WPA/enterprise or WPA2/enterprise, or the LEAP option if your kit supports it (its sometimes listed separately) WEP is not LEAP. alan - List info/subscribe

Free radius authentication with active directory using leap module

Hi, Would greatly someone's help on this. I need free radius to authenticate with using wpa. From the local radtest I can see, it is authenticating fine but when testing with a wpa device, this is the error m getting on the debug log: I just need it to work from wireless device, I think it is

RE: LEAP Authentication?

It does. It is a Aironet 350 device and it has internal RADIUS as well, which we are able to authenticate against(using LEAP). Is this for WLSE authentication to the AP? If not, do you have other options other than LEAP? If so, avoid LEAP as many others have said. - List info/subscribe

Re: LEAP Authentication?

.nabble.com/LEAP-Authentication-tp4475314p4536058.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: LEAP Authentication?

pesho wrote: Is it possible that the problem is with the Access Point? I tried to authenticate using the native windows client and the Verizon Wireless Manager and I can see the same behaviour... no answer to the Access-Challenge. Don't use LEAP. Use another authentication method. Alan

Re: LEAP Authentication?

I guess this is kind of solution, but we would like to have the LEAP running as well. Any other suggestions? Thanks. -- View this message in context: http://freeradius.1045715.n5.nabble.com/LEAP-Authentication-tp4475314p4536546.html Sent from the FreeRadius - User mailing list archive

Re: LEAP Authentication?

pesho wrote: I guess this is kind of solution, but we would like to have the LEAP running as well. Any other suggestions? Don't run LEAP. LEAP requires support from the access point. If the documentation for the AP doesn't say it supports LEAP, it won't work. The recommendation

Re: LEAP Authentication?

Hi, I guess this is kind of solution, but we would like to have the LEAP running as well. Any other suggestions? i ran up a default FreeRADIUS install, enabled LEAP, had a device doing LEAP against the 802.1X AP and it just worked. does your AP understand LEAP? alan - List info/subscribe

Re: LEAP Authentication?

It does. It is a Aironet 350 device and it has internal RADIUS as well, which we are able to authenticate against(using LEAP). -- View this message in context: http://freeradius.1045715.n5.nabble.com/LEAP-Authentication-tp4475314p4536908.html Sent from the FreeRadius - User mailing list archive

Re: LEAP Authentication?

-To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Subject: Re: LEAP Authentication? It does. It is a Aironet 350 device and it has internal RADIUS as well, which we are able to authenticate against(using LEAP). -- View this message in context: http://freeradius.1045715.n5.nabble.com

Re: LEAP Authentication?

Yes, you can get LEAP to work with Cisco and some other devices, but LEAP is a flawed proprietary protocol. When analyzed and found subject to offline dictionary attacks Cisco circled the wagons and threw FUD until FAST was developed and deployed. LEAP has never been publically

LEAP Authentication?

Hi, I'm unable to authenticate using the LEAP method. All the other EAP methods are working fine. Thanks in advance for your help. Here is the output from radiusd -X: FreeRADIUS Version 2.1.10, for host i386-redhat-linux-gnu, built on Oct 19 2010 at 19:44:13 Copyright (C) 1999-2009

Can't get LEAP working [beginner]

Hi, I installed freeradius and have radtest passed. Playing with it with Cisco gears. The system includes freeRadius (ip: 60.60.0.9 on vlan 660) and Cisco controller(ip: 60.62.0.11)/AP (on vlan 662). Using a Windows 7 laptop + Intel 6200 wifi chipset as the client. I understand LEAP

Re: Can't get LEAP working [beginner]

) and Cisco controller(ip: 60.62.0.11)/AP (on vlan 662). Using a Windows 7 laptop + Intel 6200 wifi chipset as the client. I understand LEAP is not secure, but it is simple, so this is just hope see if they can all work together.  However, client was unable to connect.  Here are the debug outputs

Re: Can't get LEAP working [beginner]

Hi, Hmmm. probably not the case, here is my 'users' file: isnt it a little more obvious than that? Ignoring EAP-Type/tls because we do not have OpenSSL support. Ignoring EAP-Type/ttls because we do not have OpenSSL support. Ignoring EAP-Type/peap because we do not have

Re: Can't get LEAP working [beginner]

ah but this is LEAP I am testing, which does not require OPENSSL support. In wiki page, http://wiki.freeradius.org/Rlm_eap === INSTALLATION EAP, EAP-MD5, and Cisco *LEAP* do not require any additional packages. * FreeRADIUS* http://wiki.freeradius.org/FreeRADIUS contains all the required

Re: Can't get LEAP working [beginner]

Thanks Alan. After installing openssl development package, libssl-dev, for ubuntu 10.10, and recompiling freeradius. I now have PEAP MSCHAPv2 working, client connecting good. Though LEAP still not working (with same id/pw), but I will figure out that later and play with certificates stuffs first

Re: Can't get LEAP working [beginner]

David Jea wrote: ah but this is LEAP I am testing, which does not require OPENSSL support. Yes. The only reason LEAP doesn't work is that the password you gave the server doesn't match the password you entered on the client. Alan DeKok. - List info/subscribe/unsubscribe? See http

Leap + freeRADIUS + AD

Hi, We are using freeRADIUS-1.1.6 talk with AD. It can work if we use EAP-peap(mschap-v2). Now I want to use Leap in client. But got failed.  Can Leap + freeRADIUS + AD support in freeRADIUS-1.1.6 or new version?   Thanks. John

Re: Leap + freeRADIUS + AD

John wrote: Hi, We are using freeRADIUS-1.1.6 talk with AD. It can work if we use EAP-peap(mschap-v2). Now I want to use Leap in client. But got failed. Can Leap + freeRADIUS + AD support in freeRADIUS-1.1.6 or new version? LEAP requires that the access points support LEAP. They don't

Problems authenticating with freeRADIUS and LEAP

Hi! I have set up a freeradius server, which are pointed to by my Linksys WRT54GL router. Everything seems to work with LEAP authentication, such as radtest from localhost and also from my laptop (When router is running WPA2 Personal, and i can connect to the network). The problem comes when i

Re: Problems authenticating with freeRADIUS and LEAP

I have set up a freeradius server, which are pointed to by my Linksys WRT54GL router. Everything seems to work with LEAP authentication, such as radtest from localhost and also from my laptop (When router is running WPA2 Personal, and i can connect to the network). The problem comes when i

SV: Problems authenticating with freeRADIUS and LEAP

with freeRADIUS and LEAP I have set up a freeradius server, which are pointed to by my Linksys WRT54GL router. Everything seems to work with LEAP authentication, such as radtest from localhost and also from my laptop (When router is running WPA2 Personal, and i can connect to the network

LEAP auth failure using hostapd-0.5.9 and freeradius-2.1.1

Dear All, I trying to authenticate a wireless client using LEAP auth type and have configured the AP to use hostapd-0.5.9 as authenticator.as follows: wireless client -- hostapd-0.5.9 --- freeradius-2.1.1 windows-XP based authenticator

Re: LEAP auth failure using hostapd-0.5.9 and freeradius-2.1.1

Prasad Parab wrote: Dear All, I trying to authenticate a wireless client using LEAP auth type and have configured the AP to use hostapd-0.5.9 as authenticator.as follows: wireless client -- hostapd-0.5.9 --- freeradius-2.1.1 windows-XP based

Re: Configuring LEAP for freeradius

Gaurav Bandekar wrote: I wanted to know how to configure EAP-LEAP on FreeRadius Server. Use the default configuration. Tell the server a known good password for the user. e.g. the FAQ gives an example. Once that's done, LEAP will work. Alan DeKok. - List info/subscribe/unsubscribe

Configuring LEAP for freeradius

Hi, I wanted to know how to configure EAP-LEAP on FreeRadius Server. The following are the configuration settings done. 1. clients.conf - added the client AP. 2. radiusd.conf - modules

Re: freeRADIUS 1.1.3 and Cisco WLSE LEAP Authentication

On Fri, 2007-01-05 at 11:48 +0100, Mark Hollenbeck wrote: Hallo, there has been a problem with Cisco WLSE LEAP authentication for WDS with an older version of freeRADIUS. Is this problem still there, or has it been fixed in the meantime? ISTR that the problem is that the Cisco WLSE isn't

freeRADIUS 1.1.3 and Cisco WLSE LEAP Authentication

Hallo, there has been a problem with Cisco WLSE LEAP authentication for WDS with an older version of freeRADIUS. Is this problem still there, or has it been fixed in the meantime? Thanks a lot Mark - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: freeRADIUS 1.1.3 and Cisco WLSE LEAP Authentication

Mark Hollenbeck wrote: there has been a problem with Cisco WLSE LEAP authentication for WDS with an older version of freeRADIUS. Is this problem still there, or has it been fixed in the meantime? What is the problem? Alan DeKok. -- http://deployingradius.com - The web site

Re: Peap/leap/wap

Hi, Does free radius support PEAP/LEAP 802.1x authentication? yes, of course it does. How can i configure it? I'd start by reading the documentation. Then you'd want to plan on how to implement it. make sure the required parts of, eg eap.conf are configured and make sure that the required

Peap/leap/wap

Does free radius support PEAP/LEAP 802.1x authentication? How can i configure it? - Original Message - From: Michael Griego [EMAIL PROTECTED] To: FreeRadius users mailing list freeradius-users@lists.freeradius.org Sent: Tuesday, June 06, 2006 7:52 PM Subject: Re: PEAP authentication

Re: LEAP

Hi , Please use the latest version of FreeRADIUS (1.1.0). This includes the the eDirectory integration and you should be able to set up LEAP authentication with it. Please refer to the following links which contain documentation on eDirectory integration with FreeRADIUS. http://www.novell.com

LEAP

We are having problems getting leap to authenticate. We are using FreeRadius 0.9.3, Cisco Arionet 1200 and eDir as a back end. Here is our config file: ! version 12.3 no service pad service timestamps debug datetime msec service timestamps log datetime msec service password-encryption

Re: LEAP

John Peebles [EMAIL PROTECTED] wrote: We are having problems getting leap to authenticate. We are using FreeRadius 0.9.3, Cisco Arionet 1200 and eDir as a back end. I suggest you upgrade to 1.1.0. It has a *lot* of security fixes, and eDir integration, too. here is the error message we get

eap\leap proxy

I would like to proxy leap authentication requests to a non-leap compatible radius server. This is a feature of the Cisco ACS product that I was hoping FreeRadius would be able to do. I have eap\leap working with my lab wireless access point using the local users file. I have a realm setup

Re: eap\leap proxy

[EMAIL PROTECTED] wrote: 1) Does the current FreeRadius download have this capability and I just need to configure it correctly? No. 3) [to the developers] In the processing eap\leap authentication request within the code does the username and password get decoded to plain text

LEAP Protocol

Hi everyone, is me again!! I have a question about freeradius 1.0.4. With LEAP protocol, the last packet sent by the server has a leap-session-key. Does anybody knows how this key is generated? Thank you very much!!! Juan Daniel MORENO - List info/subscribe/unsubscribe? See http

Re: LEAP Protocol

Juan Daniel Moreno [EMAIL PROTECTED] wrote: I have a question about freeradius 1.0.4. With LEAP protocol, the last packet sent by the server has a leap-session-key. Does anybody knows how this key is generated? Thank you very much!!! doc/rfc/leap.txt Or, the source code. Alan DeKok

wlse leap patches

Hello Were Can I found patches for cisco wlse work ? Marc - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: wlse leap patches

Marc-Henri Boisis-delavaud wrote: Hello Were Can I found patches for cisco wlse work ? Marc Huh... my best guess would be cisco.com :) -- Groeten, Regards, Salutations, Thor Spruyt M: +32 (0)475 67 22 65 E: [EMAIL PROTECTED] W: www.thor-spruyt.com www.salesguide.be www.telenethotspot.be -

Re: wlse leap patches

-mem-patch 7. Apply the rlm_leap patch: cd freeradius-1.0.0/src/modules/rlm_eap/types/rlm_leap, patch /patchdir/freeradius-1.0.0-leap-patch Configure and compile as usual. Thanks should be given to Richard Timsit and John Koen for their assistance in providing/testing these patches. Best Regards

Re: wlse leap patches

, August 29, 2005 6:44 PM Subject: Re: wlse leap patches Here are the patches. These were made against FreeRadius 1.0.0 Here's how to apply them: 1. mkdir patchdir, cd patchdir 2. gzip -dc freeradius-1.0.0-wlse-patches.tar.gz |tar -xvf - 3. Grab the FreeRadius-1.0.0 source code and extract it. 4

LEAP and PEAP protocols

Hi everybody again, I would like to know if any of you has somme information about LEAP and PEAP protocols. Does any RFC about them exist? I find nothing in the net. Thanks you!!! Juan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: LEAP and PEAP protocols

Juan Daniel Moreno [EMAIL PROTECTED] wrote: I would like to know if any of you has somme information about LEAP and PEAP protocols. Does any RFC about them exist? I find nothing in the net. Thanks you!!! doc/rfc/* Alan DeKok. - List info/subscribe/unsubscribe? See http

Re: LEAP and PEAP protocols

LEAP is a proprietary protocol of Cisco's. They have never published a spec, but it has been reverse engineered. (use Google) It is severely flawed. PEAP is in an Internet Draft (v2), but what Microsoft has implemented (v0) and what Cisco supports(v1) are two different derivations of previous

Re: LEAP and PEAP protocols

FreeRadius users mailing list freeradius-users@lists.freeradius.org on August 12, 2005 at 09:04 -0800 wrote: LEAP is a proprietary protocol of Cisco's. They have never published a spec, but it has been reverse engineered. (use Google) It is severely flawed. What he said. PEAP is in an Internet

LEAP

Ehlo We are usign Cisco1200 AP for roaming, but AP needs to auth into radius. Because CISCO it must use LEAP. But it fails on this rlm_eap: EAP/leap rlm_eap: processing type leap rlm_eap_leap: No User-Password or NT-Password configured for this user rlm_eap: Handler failed in EAP/leap

Re: LEAP

Luis Daniel Lucio Quiroz [EMAIL PROTECTED] wrote: uid: AP-DATI userrPassword: cisco1234 sambaNTPassword: 3B298390489F668CA3C38047C7FE1266 sambaLMPassword: 8BE57A0FA91F460C19F10A933D4868DC How should I fix this? Add the following to ldap.attrmap: checkItem NT-Password

RE: LEAP

- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Luis Daniel Lucio Quiroz Sent: Mittwoch, 01. Juni 2005 01:07 To: freeradius-users@lists.freeradius.org Subject: LEAP Ehlo We are usign Cisco1200 AP for roaming, but AP needs to auth into radius. Because CISCO it must use LEAP

leap probléme

hi, I have a problem on Freeradius 1.0.2. I have two configuration: 1- PDA microsoft pocket PC --- AP Cisco --- Freeradius 1.0.2 2- PDA microsoft pocket PC 2003 --- AP Cisco -- Freeradius 1.0.2 The configuration one functions without problem in EAP-LEAP. An error on the configuration two saying

Problém authenticaton EAP-LEAP (Eap-leap will not be in production but in test currently)

hello, I have a problem on Freeradius 1.0.2. I have two configuration: 1- PDA microsoft pocket PC --- AP Cisco --- Freeradius 1.0.2 2- PDA microsoft pocket PC 2003 --- AP Cisco -- Freeradius 1.0.2 The configuration one functions without problem in EAP-LEAP. An error on the configuration two

LEAP and WDS patches

hese patches in place on my own? Also, has anyone written up a how-to for Cisco WDS LEAP auth setup with Freeradius? If not, I'm willing to do so, provided I can get questions answered by those fine folks who've made it work so far. I'm looking forward to showing the local Cisco guys that Freeradius

RE: Is there some kind of trick to make Cisco LEAP work???

: Is there some kind of trick to make Cisco LEAP work??? Hello Folks, All I can say is WOW! Too be quite honest I had given up on making FreeRadius work with Cisco's WDS and WLSE. In my particular situation we also had a licensed Cisco ACS 3.x (now 3.3) server however, we weren't

Re: Is there some kind of trick to make Cisco LEAP work???

James, We have gotten LEAP to work with Cisco access points. My last posting on the subject might help if you haven't gotten there yet... However, we have not been able to get LEAP for Cisco's WDS worked out. All of the access points in the group authenticate successfully, but the WLSE

RE: Is there some kind of trick to make Cisco LEAP work???

network considering it also provides authentication services to the rest of our network resources. That's were I saw FreeRadius as an excellent fit. To update my original post I had gotten LEAP to work with clients (after the fact). My problem was I fooled with trying to get WDS LEAP

LEAP stopped working

Dear FreeRadius Users, We have two Aironet 350 bridges in a point-to-point config. We use Cisco-LEAP to get dynamic keys (unfortunately, LEAP is the only EAP protocol those bridges know). We have been using FreeRadius 0.9.3 with this setup and it was working fine. We just upgraded

RE: LEAP stopped working

From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Wednesday, September 22, 2004 7:22 PM To: [EMAIL PROTECTED] Subject: Re: LEAP stopped working Matanya Elchanani [EMAIL PROTECTED] wrote: We have two Aironet 350 bridges in a point-to-point config. We use

Re: Is there some kind of trick to make Cisco LEAP work???

Richard, Thanks for that input, it sounds very straightforward to me. I'll try your patches on Tuesday (Monday is a holiday here). Have you brought this up with Cisco? If not, I will open a case next week. I'd like to know whether Cisco's leap/eap developers intended for the ID

Re: Is there some kind of trick to make Cisco LEAP work???

James, We have gotten LEAP to work with Cisco access points. My last posting on the subject might help if you haven't gotten there yet... However, we have not been able to get LEAP for Cisco's WDS worked out. All of the access points in the group authenticate successfully

Re: Is there some kind of trick to make Cisco LEAP work???

James, We have gotten LEAP to work with Cisco access points. My last posting on the subject might help if you haven't gotten there yet... http://lists.freeradius.org/pipermail/freeradius-users/2004-August/ 035601.html However, we have not been able to get LEAP for Cisco's WDS worked out

[OT] Should anyone even use LEAP

Coates Carter wrote: James, We have gotten LEAP to work with Cisco access points. My last posting on the subject might help if you haven't gotten there yet... I was just wondering, would this type of setup still be vulnerable to this: http://asleap.sourceforge.net/ Should LEAP be used in any

Re: Is there some kind of trick to make Cisco LEAP work???

the horse (Cisco's WLSE leap/eap/radius client being the horse). The state is meaningless, other than a series of bytes which the server interprets. It's implementation-specific, and the NAS thinks it means anything. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org

Re: [OT] Should anyone even use LEAP

Adam Shelley [EMAIL PROTECTED] wrote: I was just wondering, would this type of setup still be vulnerable to this: http://asleap.sourceforge.net/ Should LEAP be used in any production environment to ensure security on wireless links? It's no more vulnerable than MS-CHAP, except that MS

RE: [OT] Should anyone even use LEAP

Yes -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Tuesday, August 31, 2004 2:01 PM To: [EMAIL PROTECTED] Subject: Re: [OT] Should anyone even use LEAP Adam Shelley [EMAIL PROTECTED] wrote: I was just wondering, would this type

RE: [OT] Should anyone even use LEAP

Hi Adam, If any other alternative exists, then LEAP should not be used. As you've pointed out, LEAP is vulnerable to known published attacks. Even Cisco recommends (their version of ;-) PEAP. Given the requirements placed upon the AP, LEAP is also effectively constrained to Cisco APs

RE: [OT] Should anyone even use LEAP

ASLEAP uses an offline dictionary attack to crack LEAP passwords. Best practice to use when deploying LEAP is strong user passwords. Amos -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok Sent: Tuesday, August 31, 2004 2:01 PM To: [EMAIL

RE: [OT] Should anyone even use LEAP

to use a weaker mechanism. Regards, Guy -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Amos Gregory Sent: 31 August 2004 21:58 To: [EMAIL PROTECTED] Subject: RE: [OT] Should anyone even use LEAP ASLEAP uses an offline dictionary attack

RE: LEAP, LDAP NT-password

Thanks Matt Sapp, I hadn't seen this before, and it solved my latest problem. Apparently the 0x prefix lets the appropriate rlm know that the value is already a hash, not to recalculate. I tried the following three simplified examples to demonstrate that what you said is true

Re: Forcing Auth-Method to LEAP

Jan Satko [EMAIL PROTECTED] wrote: It is same problem that was recent;y reported by me. Forcing set EAP-Type doesn't work correctly. I have reported that I have 1.0.0-pre3 version. But I don't have any response yet from you. All I know is that it works in my tests. I'll see if I can have

Re: Forcing Auth-Method to LEAP

Dietmar Romer [EMAIL PROTECTED] wrote: I tried this, but it does not work. The files-module is called before the eap-module; it always returns ok, regardless of the EAP-Type := LEAP. Did you try it in 1.0.0-pre3? The feature was added, and tested by me (though not recently). Alan

Re: NT-Password and EAP-LEAP Authentication fail in users file

hideck [EMAIL PROTECTED] wrote: NG uesrs file config --- test NT-Password := 0CB6948805F797BF2A82807973B89537 --- test NT-Password := 0x0CB6948805F797BF2A82807973B89537

Re: Restrict Authentication depending on MAC/LEAP

to restrict a user to use LEAP only: user99 Auth-Type := EAP, User-Password == test, EAP-Type := LEAP Service-Type = Framed-User This does not work either, he can still use MD5. I'm not sure that's supported in 0.9.3. It *is* supported in 1.0.0, but you'll have to list the files

NT-Password and EAP-LEAP Authentication fail in users file

Hi List, I have a trouble in EAP-LEAP authentification in FreeRADIUS, while an ordinary User-Password attribute works fine. Namely, when I enabled and configured NT-Password attribute in the 'users' file as in the below, I got 'Authentication fail'. I appreciate any advice/hint to resolve

RE: Freeradius using leap and ldap

Original Message Follows From: Tony Sciortino [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Freeradius using leap and ldap Date: Thu, 1 Jul 2004 00:24:14 -0400 I am very close to getting freeradius to work with leap and ldap but I can not seem to close

Re: Freeradius using leap and ldap

Tony Sciortino wrote: rlm_ldap: LDAP lmPassword mapped to RADIUS LM-Password rlm_ldap: LDAP ntPassword mapped to RADIUS NT-Password rlm_ldap: LDAP racfPassword mapped to RADIUS User-Password rlm_ldap: bind as racfid=admin,profiletype=USER,dc=racf,o=riteaid.com/mypass to

Re: Is there some kind of trick to make Cisco LEAP work???

James D. Munroe [EMAIL PROTECTED] wrote: Has anyone tried or successfully been able to get Cisco-Leap to work using FreeRadius? Lots of people. That's why the feature is there. It's been used for over a year now. If you can't get LEAP to work, I suggest running the server in debugging

Post-Auth for Access-Accept not called with LEAP

Hi, I have the following set up in my radiusd to get auth results. With other EAP types like peap, ttls, etc. I get Access-Accepts also logged in the reply_log. For LEAP, I am not getting it. From debug run, I don't see post-auth getting called at all. How can I fix to get the post-auth

RE: Post-Auth for Access-Accept not called with LEAP

not called with LEAP Hi, I have the following set up in my radiusd to get auth results. With other EAP types like peap, ttls, etc. I get Access-Accepts also logged in the reply_log. For LEAP, I am not getting it. From debug run, I don't see post-auth getting called at all. How can I fix to get

RE: Post-Auth for Access-Accept not called with LEAP

Hi, The attached patch allows me to get the post-auth called in Access-Accept when LEAP is used. In the rad_authenticate routine from auth.c returns without going further to call rad_postauth if the called to rad_check_password returns with RLM_MODULE_HANDLED. In the eap_compose routine

Re: qn abt leap

Timothy Tan [EMAIL PROTECTED] wrote: Just a quick question about LEAP. Am I right to say that as long as the client wlan card supports LEAP, I just need any 802.1x compatible AP to pass through the LEAP request to the FreeRADIUS server? Or do I need to use a Cisco-only AP? The AP needs

qn abt leap

Hi everyone. Had some problem with my email accounts and subscription... anyway, Just a quick question about LEAP. Am I right to say that as long as the client wlan card supports LEAP, I just need any 802.1x compatible AP to pass through the LEAP request to the FreeRADIUS server? Or do I need

Re: EAP-LEAP failure

Alan DeKok wrote: ... modcall: entering group authenticate for request 2 rlm_eap: EAP packet type notification id 3 length 15 rlm_eap: EAP Start not found rlm_eap: EAP Identity rlm_eap: processing type leap rlm_eap_leap: Stage 2 And the client is re-starting EAP. That isn't good

EAP-LEAP failure

help! Regards Jens Iwo Riecken Environment: freeradius-0.9.3 DWL-2100AP (AccessPoint) DWL-G520 (Wirless Adapter) Client OS W2k SP4 w/ 802.1x service enabled Client-side config: Authentication: WPA SSID: pwlz001 EAP Type: LEAP AP-side config: Authentication: WPA WPA Mode: EAP Cipher Type: AUTO (AES

Re: EAP-LEAP failure

Jens Riecken [EMAIL PROTECTED] wrote: modcall: entering group authenticate for request 1 rlm_eap: EAP packet type notification id 1 length 42 rlm_eap: EAP Start not found rlm_eap: Request found, released from the list rlm_eap: EAP_TYPE - leap rlm_eap: processing type leap

LEAP login prompt

I have everything up and running properly, and I am encounterin a minor problem inherent in ACU. When a device using LEAP is removed from the wireless coverage area, a prompt for LEAP username password is displayed. If you click cancel, it pops up every 60 seconds. The only way to discontinue

RE: LEAP login prompt

their windows login and userid and they won't ever see a login. If these are Linux PC's using the cisco ACU for linux I have never used it but I would switch to another supplicant and use PEAP. Unless you have an overriding need to use LEAP you might want to consider migrating to PEAP instead, even Cisco

Re: LDAP LEAP and Freeradius

On Fri, 26 Mar 2004, Steve OBrien wrote: Is it possible to use LDAP to authenticate LEAP clients? If so does anyone have the particulars? TIA, Steve - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html If you have clear text passwords in your ldap and set

Re: LDAP LEAP and Freeradius

Is it possible to use LDAP to authenticate LEAP clients? If so does anyone have the particulars? TIA, Steve - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

LDAP LEAP and Freeradius

for VPN and ssh authentication. I now need it to do LEAP authentication as well, is this possible?

Re: leap and ldap

Basile Mathieu [EMAIL PROTECTED] wrote: is it possible to use leap and ldap ? ( is there a problem with encrypt passsword? ) Yes. LEAP needs a clear-text password, or an NT password. when i configure my freeradius to use ldap , with raddtest i have an access-accept even if i add

leap works, mschap does not

I do not necessarily know how to implement mschap, it is actually (Secured password (EAP-MSCHAP v2) on the Orinoco gold card. The only thing I have set up in free radius that works is LEAP so far. Lets start from the beginning: I downloaded freeradius 0.9.3 and unzipped it. After

Re: leap works, mschap does not

Brian Schuetz [EMAIL PROTECTED] wrote: ... The same thing again. If you're not going to read the replies to your messages, then don't post those messages to the list. I already answered your message. Go back and read that answer. Alan DeKok. - List info/subscribe/unsubscribe? See

leap works, mschap does not

Alan DeKok No, it is NOT the same thing again. I have read ALL replies and you have not responded until NOW, therefore your assumption is WRONG. I gave you more information. LOOK AGAIN. I do not appreciate your tone in your email - List info/subscribe/unsubscribe? See

  1   2   >