Freeradius and Linksys WRT54GS

Guy Davies Guy.Davies at telindus.co.uk
Thu Sep 1 11:59:28 CEST 2005 

Are you sure that the Linksys AP supports LEAP.  LEAP is a somewhat
proprietary Cisco method that places unusual requirements on the AP
(unlike other EAP methods that are simply converted from EAP in EAPOL to
EAP in RADIUS by the AP).  I know that Linksys is now owned by Cisco but
I am not sure that they've implemented LEAP capabilities.  AFAIK, Apple
is the only other vendor to support LEAP.

LEAP isn't a particularly strong EAP method anyway.  I'd recommend (and
so would Cisco, now) using a different method (PEAP/MS-CHAPv2 if you
must, EAP/TTLS if you can).  So long as the Linksys can do EAP
passthrough, you should be OK with these.

Rgds,

Guy

> -----Original Message-----
> From: freeradius-users-bounces at lists.freeradius.org 
> [mailto:freeradius-users-bounces at lists.freeradius.org] On 
> Behalf Of Thierry
> Sent: 01 September 2005 10:25
> To: freeradius-users at lists.freeradius.org
> Subject: Freeradius and Linksys WRT54GS
> 
> 
> Hi,
> 
> I got a freeradius configured to handle LEAP authentication.
> 
> it works with a Cisco AP Cisco Airnet 1100:
> client 10.0.0.1 {
>        secret = secret
>        shortname = apcisco
>        nastype = cisco
> }
> 
> But it fail for linksys WRT54GS:
> 
> client 192.168.1.1
> {
>        secret = secret
>        shortname = linksys
>        nastype = cisco
> }
> 
> I tried different nastype :
> With other or nastype commented, nothing happen after 
> identity frames. With cisco nastype, LEAP didn't finish, AP 
> does not send the last frame to respond to supplicant challenge.
> 
> Is there a specific nastype for Linksys ot this AP is bugged 
> ? I tried with another RADIUS (SBR/Windows) with the same comportment.
> 
> Do you know other AP than cisco ones that permit 802.1X 
> successfully with freeradius ?
> 
> Cordialement,
> 
> -- 
>  Thierry                          mailto:freeradius at yar-glah.org
> 
> 
> - 
> List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html
> 

This e-mail is private and may be confidential and is for the intended recipient only.  If misdirected, please notify us by telephone and confirm that it has been deleted from your system and any copies destroyed.  If you are not the intended recipient you are strictly prohibited from using, printing, copying, distributing or disseminating this e-mail or any information contained in it.  We use reasonable endeavours to virus scan all e-mails leaving the Company but no warranty is given that this e-mail and any attachments are virus free.  You should undertake your own virus checking.  The right to monitor e-mail communications through our network is reserved by us.

More information about the Freeradius-Users mailing list