.conf for you, but
I'm not up to date on Debian specifically.
Stefan
-Original Message-
From: Roberto Carna [mailto:robertocarn...@gmail.com]
Sent: 23 September 2013 19:16
To: Paetow, Stefan (DLSLtd,RAL,LSCI)
Subject: Re: Active Directory authentication question
Dear
=diamond.ac...@lists.freeradius.org] On Behalf Of
Roberto Carna
Sent: 25 September 2013 14:27
To: FreeRadius users mailing list
Subject: Re: Active Directory authentication question
Dear Stephan, just the last question pleasein your guide you say:
In /etc/raddb/eap.conf, change the ttls
=diamond.ac...@lists.freeradius.org] On Behalf Of
Roberto Carna
Sent: 25 September 2013 14:27
To: FreeRadius users mailing list
Subject: Re: Active Directory authentication question
Dear Stephan, just the last question pleasein your guide you say:
In /etc/raddb/eap.conf, change the ttls
Sent: 25 September 2013 15:44
To: FreeRadius users mailing list
Subject: Re: Active Directory authentication question
Dear Stephan: Notebook with Windows 7 + AP + EAP-TTLS + MSCHAPv2 +
Freeradius + AD is working now !!!
But just a doubt: if I access with my Android device, using EAP-TLS
[mailto:freeradius-users-
bounces+stefan.paetow=diamond.ac...@lists.freeradius.org] On Behalf
bounces+Of
Roberto Carna
Sent: 25 September 2013 14:27
To: FreeRadius users mailing list
Subject: Re: Active Directory authentication question
Dear Stephan, just the last question please
Well. There's no such thing as EAP-TLS/MSCHAPv2 . So I'd guess that your
Android device is just doing PEAPv0/EAP-MSCHAPv2 or such and your config allows
it to. If you ran in full debug mode when connecting with the Android device
you'd see exactly what's happening
alan
-
List
But in the EAP-TLS section from eap.conf file, I don't see any
reference to MSCHAPv2and remember the NTLM authentication query is
set up in the MSCHAPv2 module
EAP-TLS does not use MSCHAPv2. It uses certificates.
I quote Alan DeKok's response to your question on September 18:
to date on Debian specifically.
Stefan
-Original Message-
From: Roberto Carna [mailto:robertocarn...@gmail.com]
Sent: 23 September 2013 19:16
To: Paetow, Stefan (DLSLtd,RAL,LSCI)
Subject: Re: Active Directory authentication question
Dear Stepahn, I use Debian 7 for my Freeradius
Roberto Carna wrote:
Dear, I'm advancing in the Freeradius + AD authenticationjust a
short question: when I want to make the eapol_test tool, I get this
error:
# make eapol_test
/usr/bin/ld: cannot find -lnl
collect2: error: ld returned 1 exit status
make: *** [eapol_test] Error 1
On 09/24/2013 10:16 AM, Roberto Carna wrote:
Dear, I'm advancing in the Freeradius + AD authenticationjust a
short question: when I want to make the eapol_test tool, I get this
error:
# make eapol_test
/usr/bin/ld: cannot find -lnl
collect2: error: ld returned 1 exit status
make: ***
...@lists.freeradius.org] On Behalf Of
Roberto Carna
Sent: 24 September 2013 15:17
To: FreeRadius users mailing list
Subject: Re: Active Directory authentication question
Dear, I'm advancing in the Freeradius + AD authenticationjust a
short question: when I want to make the eapol_test tool, I get
Or ask your distribution provider why they still provide wpa_supplicant package
without eapol_test tool ;)
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
What I mean is that EAP-TLS is easier to me than AD authentication at
this point, because I've just put it to work...and if I want to use AD
auth I have to take EAP-TLS out and start again with NTLM / AD
authenticationis it OK ???
Roberto, you don't have to remove EAP-TLS to support
Thanks Stepahn for all your important help.
Regards,
Roberto
2013/9/19 stefan.pae...@diamond.ac.uk:
What I mean is that EAP-TLS is easier to me than AD authentication at
this point, because I've just put it to work...and if I want to use AD
auth I have to take EAP-TLS out and start again
Roberto Carna wrote:
Dear, I have several Windows 7 clients over WiFi autheticating throug
EAP-TLS to a Freeradius 2.1 service against a local MySQL database, it
works OK.
EAP-TLS doesn't use MySQL for storing credentials. Everything is in
the certificate.
Now I have to change the
Sorry, so I'm a bit confused...
I'm using Windows 7 clients for accesing the WiFi network through
EAP-TLS with X.509 certificates. But in this way, I could see that I
can authenticate users or hosts...if I choose users, I can see a
dialog box to fill user and password and I suppose they are
On 18 Sep 2013, at 15:39, Roberto Carna robertocarn...@gmail.com wrote:
Sorry, so I'm a bit confused...
I'm using Windows 7 clients for accesing the WiFi network through
EAP-TLS with X.509 certificates. But in this way, I could see that I
can authenticate users or hosts...if I choose
On 09/18/2013 11:01 AM, Roberto Carna wrote:
Arran, I have a private CA and I've created the server and client
certs of course...and I've generated the .p12 cert (includind the CA
cert) to install in my Windows 7 clientsit works OK.
What I mean is that EAP-TLS is easier to me than AD
Arran, I have a private CA and I've created the server and client
certs of course...and I've generated the .p12 cert (includind the CA
cert) to install in my Windows 7 clientsit works OK.
What I mean is that EAP-TLS is easier to me than AD authentication at
this point, because I've just put
Roberto Carna wrote:
Sorry, so I'm a bit confused...
Because you're unfamiliar with the correct terminology, and with how
things really work. To recap:
EAP-TLS uses certificates to identify users. And nothing else. No
passwords, etc.
AD is a database. MySQL is a database. They store
20 matches
Mail list logo
