Need help with 802.1X authentication to Active Directory

tnt at kalik.co.yu tnt at kalik.co.yu
Thu Jun 21 13:44:23 CEST 2007


I can't see the fault with the server or the client (certificates are
there, wired 802.1x supplicant is enabled by default and set to do
EAP-TLS with certificate from local store by default). Only place left
to look is NAS.

Can you enable debug radius and see what does the log show?

Ivan Kalik
Kalik Informatika ISP


Dana 20/6/2007, "Bryant Marsh" <bryantmarsh at cookielee.com> piše:

>
>Yes, the cert-clt.p12 is imported to the personal and the cacert.pem is in
>the trusted root certificates.
>
>I was looking at another document that was putting chmod 0444 on the
>cert-clt.p12 and chmod 0400 on the cacert.pem.
>Then, chown to radius:users on both.
>Is that necessary?
>
>Thanks,
>Bryant.
>
>
>You don't need users file if all user/pass information is stored in AD.
>Can you check if imported certificate is in "Trusted Root" and not
>some other certificate folder. I can't think of any other reason why
>the conversation wouldn't start with your network configuration.
>
>Ivan Kalik
>Kalik Informatika ISP
>
>--
>View this message in context: http://www.nabble.com/Need-help-with-802.1X-authentication-to-Active-Directory-tf3925261.html#a11223473
>Sent from the FreeRadius - User mailing list archive at Nabble.com.
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>




More information about the Freeradius-Users mailing list