Need help with 802.1X authentication to Active Directory

Bryant Marsh bryantmarsh at cookielee.com
Fri Jun 15 20:53:22 CEST 2007


Ivan,

Well in my EAP.Conf file, I have in the eap module a default_eap_type = peap
and in my peap module the default_eap_type = mschapv2

Is that correct?


tnt wrote:
> 
> Have you read the bit of eap.conf titled:
> 
>  !!!!! WARNINGS for Windows compatibility  !!!!!
> 
> just above the peap module?
> 
> Ivan Kalik
> Kalik Informatika ISP
> 
> 
> Dana 15/6/2007, "Bryant Marsh" <bryantmarsh at cookielee.com> piše:
> 
>>
>>Hi Alan,
>>
>>My initial config on Centos was to turn firewall off.
>>I do have authentication going on, but it looks like the certificates are
>>not working.
>>
>>I uploaded a doc with the output of the debug on the first message.
>>
>>
>>http://www.nabble.com/file/p11144608/radius-auth.doc radius-auth.doc
>>
>>Bryant
>>
>>
>>
>>Hi,
>>
>>> I have FreeRadius setup as outlined by the Howto at this link.
>>> http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO
>>>
>>> I am using CENTOS 5 as the host system actiing as the SAMBA/RADIUS
>>> server.
>>> All the *.conf files are configured as directed.
>>> I have joined the radius server to the Active Directory domain and
>>> configured the radius server with custom SSL certificates.
>>>
>>> The Radius server starts correctly but I cannot get my supplicant to
>>> authenticate.
>>> Any Ideas?
>>
>>> Listening on authentication *:1812
>>> Listening on accounting *:1813
>>> Ready to process requests.
>>
>>
>>
>>....followed by silence. nothing there. no attempts to talk RADIUS ever
seen.
>>
>>looks very much like you need to let the firewall on the CentOS box allow
>>UDP ports 1812/1813 through
>>
>>/sbin/iptables -L -n
>>
>>
>>alan
>>-
>>List info/subscribe/unsubscribe? See
>>http://www.freeradius.org/list/users.html
>>
>>
>>--
>>View this message in context:
http://www.nabble.com/Need-help-with-802.1X-authentication-to-Active-Directory-tf3925261.html#a11144608
>>Sent from the FreeRadius - User mailing list archive at Nabble.com.
>>
>>-
>>List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>>
>>
> 
> - 
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
> 
> 

-- 
View this message in context: http://www.nabble.com/Need-help-with-802.1X-authentication-to-Active-Directory-tf3925261.html#a11145180
Sent from the FreeRadius - User mailing list archive at Nabble.com.





More information about the Freeradius-Users mailing list