tion
first - then fold in the Ldap authorization
Hope this helps
gm...
- Original Message -
From: "Arnauld Dravet" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, June 23, 2004 8:40 AM
Subject: Re: radius, 802.1x, eap/tls, and edirectory (ldap)
Update of the previous mail: when i choose on the client to not validate the
server certificate chain, radius crashes when opening the TTLS tunnel:
rlm_ldap: user arnauld.dravet authorized to use remote access
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns
> Have you looked at the "make" output from the compile to see if there are
> any error or warning messages?
yep it was my fault i have openssl 0.9.6 and 0.9.7 installed for certificate
generation, and of course i forgot to link freeradius-cvs against 0.9.7 =) works
much better now, at least r
AIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, June 22, 2004 3:53 PM
Subject: Re: radius, 802.1x, eap/tls, and edirectory (ldap)
> Gary & Alan,
>
> Thanks guys. Sorry for being so stupid about all of this, but thanks to
ya'll and the
> reading that I've done
auld Dravet" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, June 23, 2004 6:18 AM
Subject: Re: radius, 802.1x, eap/tls, and edirectory (ldap)
i really can't get CVS to work. Compiles fine, but i tried several cvs
versions
and i got that at startup:
Module: I
i really can't get CVS to work. Compiles fine, but i tried several cvs versions
and i got that at startup:
Module: Instantiated unix (unix)
radiusd.conf[9] Failed to link to module 'rlm_eap': file not found
[EMAIL PROTECTED]:/usr/local/freeradius-cvs#
don't know if i can use the rlm_eap module f
Arnauld,
About your runtime error...
I'm getting this one:
"Failed to link to module 'rlm_exec': rlm_exec.a: cannot open shared object file: No
such file or directory"
This happens straight out of the box, running radiusd -X...no configuration changes
made yet (testing if it runs). I'm run
I'm also a total newbie in wifi world =) spent 4 days on this auth thing and
can't get it to work yet ..
i'm not using Novell LDAP, it's an openldap with all our users infos in it:
windows passwords without the 0x in front of the passwords (tried to add it
manually, result is that i can't log in
Arnauld,
I am still making sure my configs are okay before starting up the CVS version. Will
let you know how it goes.
I am using the drivers provided by 3COM for my wireless nic, which is a
3CRPAG175a really nice a/b/g card with an xjack antenna.
My supplicant is whatever comes stock wit
On Tue, 2004-06-22 at 12:53, Mack wrote:
> I'll look into demoing third party clients. Know of any free ones, though?
Mack,
While buying all new client cards is probably not an option, buying one
for testing may be. ZyXEL offers a free version of both the Funk and
Meetinghouse supplicants which
> It looks like maybe the 0.9.3 version of freeradius does not support TTLS.
> Is this
> correct? If so, does the CVS version include support? Sorry if this, too,
> is
> documented somewhere, but I just thought I'd ask while I was here.
I grabbed & compiled the CVS few hours ago in the goal t
Gary & Alan,
Thanks guys. Sorry for being so stupid about all of this, but thanks to ya'll and the
reading that I've done is this short period of time, I have learned a great deal about
how this stuff works.
When using TTLS or PEAP, it seems that I'll still need EAP-TLS...but just on the
serv
Mack,
Take a look at the following URL:
http://3w.denobula.com:5/EAPTLS.pdf
It may be a little dated but all of the info is still relevent... one thing to take
notice of is
there is NO user password exchanged as EAP/TLS does not use a user's password
for authentication - that chore is handl
"Mack" <[EMAIL PROTECTED]> wrote:
> I have successfully implemented EAP-TLS authentication between the
> client, AP, and freeradius. Now I am attempting to "add" LDAP
> authentication, but have not been successful.
Because it's impossible. EAP-TLS provides *nothing* with which to
do LDAP authe
Alan,
At your request, I'll try to reformat this so that it is presented as a
problem/challenge
rather than a "why doesn't my solution work" post:
Problem:
My AP is a 3com 7250. It requires that you enable 802.1x on itself, the client, and
the radius server if you want to use the radius serve
"Gary McKinney" <[EMAIL PROTECTED]> wrote:
> Just curious ... Is there a "chart" or road-map showing what
> authentication methods work with what protocols?
TTLS can tunnel almost authentication protocol, except EAP-TLS,
TTLS, and PEAP. e.g. PAP, CHAP, MS-CHAP, EAP-GTC, EAP-MSCHAPv2, etc.
P
Alan,
Just curious ... Is there a "chart" or road-map showing what authentication methods
work
with what protocols?
The reason I ask is I am working on a PHP cript to generate the radius.conf file (yea
- I know)
and such a critter would help in the logic for the script...
Gary N. McKinne
"Mack" <[EMAIL PROTECTED]> wrote:
> My AP requires that I enable 802.1x in order to use RADIUS
> authentication. So, I figured I'd use EAP-TLS.
Are you picking it at random, or are youi looking at the features it
offers, and using your requirements to decide on a solution?
> I'm just testing
Turning off the NIC manager software "fixed"
> the problem
>
> As for YMMV it means "Your Mileage May Vary" [grin]...
>
> gm...
>
> - Original Message -----
> From: "Mack" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]&
;
To: <[EMAIL PROTECTED]>
Sent: Monday, June 21, 2004 8:21 PM
Subject: Re: radius, 802.1x, eap/tls, and edirectory (ldap)
> Gary,
>
> No, no, not you. I didn't mean you...sorry. You've been helpful...more
> so, you've shown a willingness to help. Thanks for that.
>
doing so - while
> 0.9.3 is stable I have found the pre-release code does more [ymmv]...
>
> gm..
>
> - Original Message -
> From: "Mack" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Sunday, June 20, 2004 10:30 PM
> Subject: Re: radius,
Alan,
I agree...I should read the docs and the lists more thoroughly.
My AP requires that I enable 802.1x in order to use RADIUS authentication. So, I
figured I'd use EAP-TLS. I'm just testing now...using an XP client, so I chose to use
EAP-TLS. I want to use LDAP because that's where our us
"Mack" <[EMAIL PROTECTED]> wrote:
> I had scanned them prior to posting, but there seem to be no solutions
> to all of the problems people have with this configuration.
From what I can seem you're trying to use EAP-TLS, *and* some kind
of LDAP authorization/authentication, but you're not putting
t; Check the email archives over the last three months - there is a great
> > deal of information on using EAP/TLS and how to use LDAP with
> > freeradius (including example snippets).
> >
> > gm...
> > ----- Original Message -
> > From: "Mack&
LDAP with
> freeradius (including example snippets).
>
> gm...
> - Original Message -
> From: "Mack" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Friday, June 18, 2004 11:52 PM
> Subject: radius, 802.1x, eap/tls, and edirectory (ldap)
Sent: Friday, June 18, 2004 11:52 PM
Subject: radius, 802.1x, eap/tls, and edirectory (ldap)
> Hi,
>
> I'm a newbie to all of this, so please bear with me. This list is all
I've got!
>
> We are introducing a wireless infrastructure on our campus (a little late
in the game
Hi,
I'm a newbie to all of this, so please bear with me. This list is all I've got!
We are introducing a wireless infrastructure on our campus (a little late in the
game).
Right now we're in testing phase. In this testing phase, We are using several 3com
7250 AP's, some 3com cards capable o
27 matches
Mail list logo