Eronko
Sent: Tuesday, February 26, 2008 5:30 PM
To: FreeRadius users mailing list
Subject: RE: PEAP LDAP password problem
Thank you for detailed explanation.
I'll try to reenter all users password in NTpassword attribute.
Could someone give me link to appoporate openldap guide.
Where I can
EMAIL PROTECTED]
g] On Behalf Of Alan DeKok
Sent: Tuesday, February 26, 2008 2:10 PM
To: FreeRadius users mailing list
Subject: Re: PEAP LDAP password problem
Alexey Eronko wrote:
> I have huge problem that I need to ask 200 users to reenter there
passwords
> in OpenLDAP.
Then I guess you'
Alexey Eronko wrote:
> I have huge problem that I need to ask 200 users to reenter there passwords
> in OpenLDAP.
Then I guess you're not going to deploy PEAP.
> Another problem is that I'm not sure that I can store two kind of password
> simultaneously(nt and crypt).
Yes, you can. They can
Alexey Eronko wrote:
> Thanks for you replay.
>
> According with this link :
> http://deployingradius.com/documents/protocols/compatibility.html.
>
> I need EAP-GTC.
Huh? How did you conclude that?
[AE:] Becasuse of GTC support Crypt password.
I have huge problem that I need to ask 200 user
Alexey Eronko wrote:
> Thanks for you replay.
>
> According with this link :
> http://deployingradius.com/documents/protocols/compatibility.html.
>
> I need EAP-GTC.
Huh? How did you conclude that?
All you need to do is to put the NT hash into LDAP, as you said. You
do NOT need to use EAP
Alexey Eronko wrote:
Thanks for you replay.
According with this link :
http://deployingradius.com/documents/protocols/compatibility.html.
I need EAP-GTC. I'm not sure that my Proxim AP700 support this kind of EAP.
APs should not care. All EAP types (that generate crypto keys) should work
Is
Sent: Tuesday, February 26, 2008 12:19 PM
To: FreeRadius users mailing list
Subject: Re: PEAP LDAP password problem
Alexey Eronko wrote:
> Hi!
> I have several services who use LDAP (openldap). For example Linux(via
> pam),apache,svn.
> On my ldap server passwords stored in encrypted h
Alexey Eronko wrote:
> Hi!
> I have several services who use LDAP (openldap). For example Linux(via
> pam),apache,svn.
> On my ldap server passwords stored in encrypted hash.
> Do I right understand you that I need add another field(nt hash) for radius
> authorization?
Yes: http://deployingradi
Hi!
I have several services who use LDAP (openldap). For example Linux(via
pam),apache,svn.
On my ldap server passwords stored in encrypted hash.
Do I right understand you that I need add another field(nt hash) for radius
authorization?
I don't want to store clear text password in my LDAP.
Anothe
Alexey Eronko wrote:
> I have usual problem for persons who wants to setup LDAP+PEAP integration.
> I want to setup WIFI with PEAP auth. via FreeRadius.
> The problem is that I can login with ldap login thought radtest testuser
> 123456 localhost 10 secret.
Which probably does LDAP bind. That'
On 8/18/2006 03:42 PM, Michael Lecuyer wrote:
Rob Shepherd wrote:
> The setup uses PEAP, however am I correct in thinking that the RADIUS
> server never touches any TLS components. The TLS tunnel is between the
> WLAN controller and the client right?
PEAP - Protected EAP - the protection is the
Rob Shepherd wrote:
> The setup uses PEAP, however am I correct in thinking that the RADIUS
> server never touches any TLS components. The TLS tunnel is between the
> WLAN controller and the client right?
PEAP - Protected EAP - the protection is the TLS tunnel which is between
the RADIUS client
Firstly, I am attempting to get XP/OSX clients to connect to a 802.1x
WLAN provided by a cisco wlan controller. This is currently backed by
ACS and works, but i'd like to use FreeRADIUS is possible, with half
my users in LDAP and half in MySQL.
The setup uses PEAP, however am I correct in thin
Daniel Hesse <[EMAIL PROTECTED]> wrote:
> Hello to all. 2 weeks ago I downloaded fedora core 3, with the intention
> of implementing 802.1x security for our wireless system. I'm not sure
> how to find the version of freeradius I have
$ radiusd -v
> Maybe what I am expecting of the software is inc
;s available when doing
eap mschap2 authentication.
At least, it works...
bye
>From: Martin Pauly <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>Subject: Re: PEAP + LDAP with crypted PWs?
>
>>> crypted passwords... so what i'm planning to do is a middle step:
>>&
> isn't it fantastic? (freeRadius, i mean) :)
Full ack, using freeRadius is fun (even the code itself didn't scare me off,
although I had only time to take a short glimpse).
> I think i'm gonna do PEAP + LDAP with MSCHAPv2, and I also have
> crypted passwords... so what i'm planning to do is a mi
hi,
I think i'm gonna do PEAP + LDAP with MSCHAPv2, and I also have
crypted passwords... so what i'm planning to do is a middle step:
people will have to authenticate via web the first time, in order to check
the password. Then, if its correct the password will be hashed in the air
to NT format. Th
Martin Pauly <[EMAIL PROTECTED]> wrote:
> On the other hand, I haven't seen anything like PEAP-PAP so far,
PEAP with EAP-GTC. Cisco and other clients support it, MS doesn't.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
i think you cannot use encrypted password
we had the same problem and decide yo use ttls with pap
we use secureW2 as client for xp and 2000
basile
Selon Martin Pauly <[EMAIL PROTECTED]>:
> Hi everyone,
>
> We have shortly migrated our user database to OpenLDAP, keeping the
> UNIX-crypted pass
TED]>
Sent: Monday, August 09, 2004 11:06 PM
Subject: Re: PEAP LDAP
> "Alexandre Durand" <[EMAIL PROTECTED]> wrote:
> > I want to make an authentication PEAP between Win XP, openldap, and
> > freeradius. I ve a problem between mschapv2 and openldap. Indeed, I mak
Thanks for your file but how-to patch this file ?? :)
- Original Message -
From: "Tiago Fernandes" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, August 10, 2004 3:40 PM
Subject: Re: PEAP LDAP
> On Tue, 10 Aug 2004 14:30:48 +0200
> "Al
> From: "Alexandre Durand" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Tuesday, August 10, 2004 2:09 PM
> Subject: Re: PEAP LDAP
>
>
> > I oblige to install samba to get schema with lmpassword or ntPassword !!
> >
> > So, haw c
To: <[EMAIL PROTECTED]>
Sent: Tuesday, August 10, 2004 2:09 PM
Subject: Re: PEAP LDAP
> I oblige to install samba to get schema with lmpassword or ntPassword !!
>
> So, haw can i resolve my problem without Samba ?
> - Original Message -
> From: "Tiago Fernand
I oblige to install samba to get schema with lmpassword or ntPassword !!
So, haw can i resolve my problem without Samba ?
- Original Message -
From: "Tiago Fernandes" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, August 10, 2004 12:46 PM
Subject: Re: PE
So, i won't install a samba server.
>
> CAn i add a samba ldap shema whithout install Samba server?
>
> I oblige to install Samba?
>
>
> - Original Message -
> From: "Tiago Fernandes" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, August 10, 2004 12:17 PM
Subject: Re: PEAP LDAP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
EMAIL PROTECTED]>
> Sent: Tuesday, August 10, 2004 10:44 AM
> Subject: Re: PEAP LDAP
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
pgpglIiJFZjpI.pgp
Description: PGP signature
;[EMAIL PROTECTED]>
Sent: Tuesday, August 10, 2004 10:44 AM
Subject: Re: PEAP LDAP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
> From: "Alan DeKok" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Monday, August 09, 2004 11:06 PM
> Subject: Re: PEAP LDAP
>
>
> > "Alexandre Durand" <[EMAIL PROTECTED]> wrote:
> > > I want to make an authenticat
gt;
Sent: Monday, August 09, 2004 11:06 PM
Subject: Re: PEAP LDAP
> "Alexandre Durand" <[EMAIL PROTECTED]> wrote:
> > I want to make an authentication PEAP between Win XP, openldap, and
> > freeradius. I ve a problem between mschapv2 and openldap. Indeed, I make
"Alexandre Durand" <[EMAIL PROTECTED]> wrote:
> I want to make an authentication PEAP between Win XP, openldap, and
> freeradius. I ve a problem between mschapv2 and openldap. Indeed, I make a
> test with PEAP without openldap and its works. But if i want to use openldap
> + freeradius with peap i
st regards,
Alexandre.
Thanks for your help.
- Original Message -
From: "Alan DeKok" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, August 09, 2004 3:42 PM
Subject: Re: PEAP LDAP
> "alexandre durand" <[EMAIL PROTECTED]> wrote:
&
"alexandre durand" <[EMAIL PROTECTED]> wrote:
> rlm_eap_peap: Had sent TLV failure, rejecting.
...
> i don't understand this problem. Can u help me
That says there was a PREVIOUS error.
Read the REST of the debugging messages.
I just don't understand the idea that only the last 3-4 line
t 6
auth: Failed to validate the user.
I don't see what I must do !
THks.
Lionel Gavage
-Message d'origine-
De : [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] la part de
Jean-Paul Chapalain
Envoye : lundi 16 fevrier 2004 12:12
A : [EMAIL PROTECTED]
Objet : Re: PEAP/LDAP
Hi Li
Hi Lionel,
I have your radiusd.conf file, (thanks!!).
But I have a simple question: if I have TL and TTL in my radius.conf, what
eap-type will use freeradius TLS or TTLS?
it's the client who decide the eap-type?
Thanks in advan!!!
José Luis Solano
SGI - Soluciones Globales Internet S.A.
Delega
Hi Lionel,
I succeeded in do to run a configuration only for EAP/TTLS with a LDAP
backend.
I use freeradius-snapshot of 04/feb/2004 and TTLS client of Alfa & Arris
(SecureW2) on WinXP.
See below 'users' file :
# a0153 : Define the user for 802.1x Authentication
#--
36 matches
Mail list logo