peap/eap tls authentication

tnt at kalik.co.yu tnt at kalik.co.yu
Fri Oct 12 21:50:22 CEST 2007


You are using an old version of the server. Which one? Why don't you use
the latest?

>dkupis Auth-Type := system
>        Service-Type = NAS-Prompt-User,
>       cisco-avpair == "shell:priv-lvl=15",
>        idle-timeout = 1800

1. How sure are you that you can get to the command prompt over a
wireless interface? I don't think that will work.

2. Try something like:

dkupis   User-Password == "whatever"[, Auth-Type := EAP]

try without Auth-Type first. If it doesn't start EAP convesation add it.

Ivan Kalik
Kalik Informatika ISP


With this you should try to put User-Password instead of Auth-Type on the
first line.

Dana 12/10/2007, "Dorota Kupis" <dkupis at yukoncollege.yk.ca> piše:

>I do post users
>thanks
>
>-----Original Message-----
>From: freeradius-users-bounces at lists.freeradius.org [mailto:freeradius-users-bounces at lists.freeradius.org] On Behalf Of tnt at kalik.co.yu
>Sent: Friday, October 12, 2007 12:03 PM
>To: FreeRadius users mailing list
>Subject: Re: peap/eap tls authentication
>
>You are setting up Auth-Type System. Post the entry in users file:
>
>> users: Matched entry dkupis at line 1
>
>Ivan Kalik
>Kalik Informatika ISP
>
>
>Dana 12/10/2007, "Dorota Kupis" <dkupis at yukoncollege.yk.ca> piše:
>
>>Hello,
>>
>> 
>>
>>I'm not familiar with freeradius yet. I read some HOWTOs and I do try to
>>make wireless Windows XP talk to Radius server. I have an AP 1131. I
>>have managed to make this configuration work with cisco ACS in the past,
>>so AP part should be OK.
>>
>> 
>>
>>I do send the output from radiusd -X
>>
>>Hope somebody can help me to point out which parts of configuration
>>should I look into and what possible problems could be.
>>
>> 
>>
>>Thanks for your understanding.
>>
>> 
>>
>>Dorota
>>
>>
>>
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>




More information about the Freeradius-Users mailing list