Christian Poessinger wrote:
Zoltan Ori wrote:
That's the problem everything is uncommented. Comment out ntlm_auth
and with_ntdomain_hack. If you have plain text passwords, you aren't
authenticating to a Windows domain controller, you don't have
windbindd and nmbd running, you don't need want
On Thursday 01 December 2005 09:19, Christian Poessinger wrote:
Fixed it myself. After removing
checkItem LM-Password userPassword
checkItem NT-Password userPassword
from the ldap.attrmap file, and adding
checkItem userPassword
Zoltan Ori wrote:
That's the problem everything is uncommented. Comment out ntlm_auth
and with_ntdomain_hack. If you have plain text passwords, you aren't
authenticating to a Windows domain controller, you don't have
windbindd and nmbd running, you don't need want them in your mschap
Zoltan Ori wrote:
On Monday 28 November 2005 12:32, Christian Poessinger wrote:
rlm_eap_peap: Had sent TLV failure, rejecting.
Use the latest available drivers for your wireless adaptor. I've
encountered many strange connectivity issues that are fixed with new
drivers.
If the supplicant
On Tuesday 29 November 2005 08:53, Christian Poessinger wrote:
I requested and installed this fix, but I still get the same error message
on the radius server.
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Received EAP-TLV
Zoltan Ori wrote:
Are there any other errors in the log? The actual reason for
rejection may come long before that.
Here is the complete log:
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config:
Your problem lies here:
modcall: entering group Auth-Type for request 6
rlm_mschap: No User-Password configured. Cannot create LM-Password.
rlm_mschap: No User-Password configured. Cannot create NT-Password.
rlm_mschap: Told to do MS-CHAPv2 for USERNAME with NT-Password
rlm_mschap: FAILED:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On
Behalf Of Christian Poessinger
Sent: Tuesday, November 29, 2005 10:12 AM
To: 'FreeRadius users mailing list'
Subject: RE: WLAN 802.1x FreeRadius with LDAP
auth: type EAP
Processing the authenticate
On Tuesday 29 November 2005 11:07, Christian Poessinger wrote:
You didn't configure a password for the user.
Yes, I did. I have a userPassword atribute in my LDAP backend, also
it contains a clear text password. I can fully use this account in
the backend for ftp/ssh/http but not with
Zoltan Ori wrote:
You have ntlm_auth in your mschap configuration. You don't want that
for LDAP.
You don't need anything NT in that module. The default configuration
had everything commented out but authtype = MS-CHAP. Start with that
and then add what you need.
Nope, there is everything
-Original Message-
Zoltan Ori wrote:
You have ntlm_auth in your mschap configuration. You don't want that
for LDAP.
You don't need anything NT in that module. The default configuration
had everything commented out but authtype = MS-CHAP. Start with that
and then add what you
On Tuesday 29 November 2005 13:56, Christian Poessinger wrote:
Nope, there is everything uncommented. I also tried to add this to the
ldap.attrmap file:
That's the problem everything is uncommented. Comment out ntlm_auth and
with_ntdomain_hack. If you have plain text passwords, you aren't
King, Michael wrote:
Christian, That is what he is saying your problem is, everything is
uncommented
Sorry, with uncommented i ment that all is commented out. Sorry my fault.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
hi
ca somebody post a howto what describe the configuration:
- peap/mschapv2 with ldap and freeradius
- client configuration (M$ Windows XP, SecureW2)
thx
Zoltan A. Ori schrieb:
On Sunday 27 November 2005 06:52, Christian Poessinger wrote:
Yes, I'm trying to use PEAP, I have configured
On Monday 28 November 2005 04:31, Konne wrote:
hi
ca somebody post a howto what describe the configuration:
- peap/mschapv2 with ldap and freeradius
- client configuration (M$ Windows XP, SecureW2)
thx
There are many howtos available that can be found searching the mail archives
or
Konne [EMAIL PROTECTED] wrote:
ca somebody post a howto what describe the configuration:
- peap/mschapv2 with ldap and freeradius
- client configuration (M$ Windows XP, SecureW2)
http://www.freeradius.org/doc/ contains multiple howto's.
Alan DeKok.
-
List info/subscribe/unsubscribe?
Zoltan A. Ori wrote:
On Sunday 27 November 2005 06:52, Christian Poessinger wrote:
Yes, I'm trying to use PEAP, I have configured MS-CHAPv1 as
described in many Howtos.
MS-CHAP V2 is in the Howtos of PEAP that I have read. In any case,
there is no mschap info in the tunnel which is
On Monday 28 November 2005 12:32, Christian Poessinger wrote:
rlm_eap_peap: Had sent TLV failure, rejecting.
Use the latest available drivers for your wireless adaptor. I've encountered
many strange connectivity issues that are fixed with new drivers.
If the supplicant is XP SP2 you may need
Zoltan A. Ori wrote:
Are you trying to use PEAP/MSCHAP-V2? I don't see any mschapv2 in
your logs.
Yes, I'm trying to use PEAP, I have configured MS-CHAPv1 as described
in many Howtos.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Sunday 27 November 2005 06:52, Christian Poessinger wrote:
Yes, I'm trying to use PEAP, I have configured MS-CHAPv1 as described
in many Howtos.
MS-CHAP V2 is in the Howtos of PEAP that I have read. In any case, there is no
mschap info in the tunnel which is indicated in the error
On Saturday 26 November 2005 08:50, Christian Poessinger wrote:
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_tls: TLS 1.0 Alert [length 0002], fatal access_denied
TLS Alert read:fatal:access denied
rlm_eap_peap: No data inside of the tunnel.
rlm_eap:
Zoltan A. Ori wrote:
On Saturday 26 November 2005 08:50, Christian Poessinger wrote:
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_tls: TLS 1.0 Alert [length 0002], fatal access_denied
TLS Alert read:fatal:access denied
rlm_eap_peap: No data inside of the
On Saturday 26 November 2005 12:27, Christian Poessinger wrote:
Zoltan A. Ori wrote:
On Saturday 26 November 2005 08:50, Christian Poessinger wrote:
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_tls: TLS 1.0 Alert [length 0002], fatal access_denied
TLS
Zoltan A. Ori wrote:
I'm not an expert and am often wrong, but I don't think FreeRADIUS is
the problem here. Everything is working up to that point. Does it
break at the same place every time? Double check the NAS and
supplicant configurations.
-
List info/subscribe/unsubscribe? See
On Saturday 26 November 2005 13:58, Christian Poessinger wrote:
Zoltan A. Ori wrote:
I'm not an expert and am often wrong, but I don't think FreeRADIUS is
the problem here. Everything is working up to that point. Does it
break at the same place every time? Double check the NAS and
Christian Poessinger [EMAIL PROTECTED] wrote:
I tripplechecked the configs and found nothing. As i said, radtest works
fine. Ist this EAP thing.
You haven't said what supplicant you're using.
Also, it doesn't help that radtest works. radtest doesn't do EAP,
so it's testing a completely
26 matches
Mail list logo
