an infamous LDAP-FreeRadius question
Matt Ashfield
mda at unb.ca
Tue Jul 11 17:56:19 CEST 2006
Actually, I only have the ldap -to- radius authentication when doing a
radtest. There's no eap involved at that point. I think my issue of adding
the EAP/802.1x stuff is where I'm hitting the snag.
Matt Ashfield
Network Analyst
Integrated Technology Services
University of New Brunswick
(506) 447-3033
mda at unb.ca
-----Original Message-----
From: Zoltan Ori [mailto:z.ori at morehead-st.edu]
Sent: July 11, 2006 12:33 PM
To: mda at unb.ca; 'FreeRadius users mailing list'
Subject: Re: an infamous LDAP-FreeRadius question
On Tuesday 11 July 2006 10:10, Matt Ashfield wrote:
> When I try to connect via 802.1x from a wireless client my Radius server
> debgging looks like below. Obviously the TLS session is not being setup
> correctly. I'm wondering about the private_key_password attribute. I just
> set it to "whatever" but that needs to correspond to a user on the LDAP
> server doesn't it? I'm not sure that's been set up.
You might try not using an ldaps connection if your LDAP server allows it.
Comment out all the TLS in the ldap section. This TLS/SSL connection to your
LDAP server is a separate issue from 802.1x. That's just between the RADIUS
server and LDAP. Once you've got everything else going, go back and work
with
the ldaps.
The main thing is to change only one thing at a time. Then you'll know
exactly
what broke it and what didn't. I believe you had LDAP working before, didn't
you?
Zoltan Ori
More information about the Freeradius-Users
mailing list