Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-24 Thread Gary McKinney
- then fold in the Ldap authorization Hope this helps gm... - Original Message - From: Arnauld Dravet [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, June 23, 2004 8:40 AM Subject: Re: radius, 802.1x, eap/tls, and edirectory (ldap) Have you looked at the make output

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-23 Thread Gary McKinney
PROTECTED] Sent: Wednesday, June 23, 2004 6:18 AM Subject: Re: radius, 802.1x, eap/tls, and edirectory (ldap) i really can't get CVS to work. Compiles fine, but i tried several cvs versions and i got that at startup: Module: Instantiated unix (unix) radiusd.conf[9] Failed to link to module

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-23 Thread Gary McKinney
PROTECTED] Sent: Tuesday, June 22, 2004 3:53 PM Subject: Re: radius, 802.1x, eap/tls, and edirectory (ldap) Gary Alan, Thanks guys. Sorry for being so stupid about all of this, but thanks to ya'll and the reading that I've done in this short period of time, I have learned a great deal about

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-23 Thread Arnauld Dravet
Have you looked at the make output from the compile to see if there are any error or warning messages? yep it was my fault i have openssl 0.9.6 and 0.9.7 installed for certificate generation, and of course i forgot to link freeradius-cvs against 0.9.7 =) works much better now, at least

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-23 Thread Arnauld Dravet
Update of the previous mail: when i choose on the client to not validate the server certificate chain, radius crashes when opening the TTLS tunnel: rlm_ldap: user arnauld.dravet authorized to use remote access rlm_ldap: ldap_release_conn: Release Id: 0 modcall[authorize]: module ldap returns

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-22 Thread Mack
Alan, At your request, I'll try to reformat this so that it is presented as a problem/challenge rather than a why doesn't my solution work post: Problem: My AP is a 3com 7250. It requires that you enable 802.1x on itself, the client, and the radius server if you want to use the radius server

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-22 Thread Alan DeKok
Mack [EMAIL PROTECTED] wrote: I have successfully implemented EAP-TLS authentication between the client, AP, and freeradius. Now I am attempting to add LDAP authentication, but have not been successful. Because it's impossible. EAP-TLS provides *nothing* with which to do LDAP

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-22 Thread Gary McKinney
Mack, Take a look at the following URL: http://3w.denobula.com:5/EAPTLS.pdf It may be a little dated but all of the info is still relevant... one thing to take notice of is there is NO user password exchanged as EAP/TLS does not use a user's password for authentication - that chore is

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-22 Thread Mack
Gary Alan, Thanks guys. Sorry for being so stupid about all of this, but thanks to ya'll and the reading that I've done in this short period of time, I have learned a great deal about how this stuff works. When using TTLS or PEAP, it seems that I'll still need EAP-TLS...but just on the

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-22 Thread Arnauld Dravet
It looks like maybe the 0.9.3 version of freeradius does not support TTLS. Is this correct? If so, does the CVS version include support? Sorry if this, too, is documented somewhere, but I just thought I'd ask while I was here. I grabbed compiled the CVS few hours ago in the goal to

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-22 Thread dennis rex
On Tue, 2004-06-22 at 12:53, Mack wrote: I'll look into demoing third party clients. Know of any free ones, though? Mack, While buying all new client cards is probably not an option, buying one for testing may be. ZyXEL offers a free version of both the Funk and Meetinghouse supplicants which

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-22 Thread Mack
Arnauld, I am still making sure my configs are okay before starting up the CVS version. Will let you know how it goes. I am using the drivers provided by 3COM for my wireless nic, which is a 3CRPAG175a really nice a/b/g card with an xjack antenna. My supplicant is whatever comes stock

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-22 Thread Arnauld Dravet
I'm also a total newbie in wifi world =) spent 4 days on this auth thing and can't get it to work yet .. i'm not using Novell LDAP, it's an openldap with all our users infos in it: windows passwords without the 0x in front of the passwords (tried to add it manually, result is that i can't log

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-22 Thread Mack
Arnauld, About your runtime error... I'm getting this one: Failed to link to module 'rlm_exec': rlm_exec.a: cannot open shared object file: No such file or directory This happens straight out of the box, running radiusd -X...no configuration changes made yet (testing if it runs). I'm

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-21 Thread Gary McKinney
example snippets). gm... - Original Message - From: Mack [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, June 18, 2004 11:52 PM Subject: radius, 802.1x, eap/tls, and edirectory (ldap) Hi, I'm a newbie to all of this, so please bear with me. This list

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-21 Thread Alan DeKok
Mack [EMAIL PROTECTED] wrote: I had scanned them prior to posting, but there seem to be no solutions to all of the problems people have with this configuration. From what I can see, you're trying to use EAP-TLS, *and* some kind of LDAP authorization/authentication, but you're not putting the

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-21 Thread Mack
Alan, I agree...I should read the docs and the lists more thoroughly. My AP requires that I enable 802.1x in order to use RADIUS authentication. So, I figured I'd use EAP-TLS. I'm just testing now...using an XP client, so I chose to use EAP-TLS. I want to use LDAP because that's where our

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-21 Thread Mack
PROTECTED] Sent: Sunday, June 20, 2004 10:30 PM Subject: Re: radius, 802.1x, eap/tls, and edirectory (ldap) Gary, I had scanned them prior to posting, but there seem to be no solutions to all of the problems people have with this configuration. My impression is that most

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-21 Thread Gary McKinney
.. - Original Message - From: Mack [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, June 20, 2004 10:30 PM Subject: Re: radius, 802.1x, eap/tls, and edirectory (ldap) Gary, I had scanned them prior to posting, but there seem to be no solutions to all

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-21 Thread Mack
]... gm... - Original Message - From: Mack [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, June 21, 2004 8:21 PM Subject: Re: radius, 802.1x, eap/tls, and edirectory (ldap) Gary, No, no, not you. I didn't mean you...sorry. You've been helpful...more so, you've

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-21 Thread Alan DeKok
Mack [EMAIL PROTECTED] wrote: My AP requires that I enable 802.1x in order to use RADIUS authentication. So, I figured I'd use EAP-TLS. Are you picking it at random, or are you looking at the features it offers, and using your requirements to decide on a solution? I'm just testing

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-20 Thread Mack
). gm... - Original Message - From: Mack [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, June 18, 2004 11:52 PM Subject: radius, 802.1x, eap/tls, and edirectory (ldap) Hi, I'm a newbie to all of this, so please bear with me. This list is all I've got! We

Re: radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-19 Thread Gary McKinney
11:52 PM Subject: radius, 802.1x, eap/tls, and edirectory (ldap) Hi, I'm a newbie to all of this, so please bear with me. This list is all I've got! We are introducing a wireless infrastructure on our campus (a little late in the game). Right now we're in testing phase. In this testing

radius, 802.1x, eap/tls, and edirectory (ldap)

2004-06-18 Thread Mack
Hi, I'm a newbie to all of this, so please bear with me. This list is all I've got! We are introducing a wireless infrastructure on our campus (a little late in the game). Right now we're in testing phase. In this testing phase, We are using several 3com 7250 AP's, some 3com cards capable