Basic usage: What do I do next to get this to work?

Doc. Caliban doc.caliban at gmail.com
Tue Oct 30 22:27:37 CET 2007


Hmm... All good info, but it makes me wonder if I'm going about this the 
best way.

This is my goal:

Wireless users and desktop computers on the same subnet (IPCop Blue, for 
those keeping score at home) will need to log in with a user name and 
password, which are kept on the MySQL server.

I want this to be as easy as possible for as many people as possible.  I 
came up with my client settings by going with the defaults.  I would 
like to use whatever is easiest for the users to implement.

I really appreciate you time,  Thank you.

Alan DeKok wrote:
> Doc. Caliban wrote:
>   
>> I hate to ask this, but I'm running out of time on this project and I'm
>> completely new to RADIUS.  I would be really happy if someone could just
>> point me to a detailed HOW TO for what I need.
>>     
>
>   http://www.freeradius.org/doc/EAPTLS.pdf
>
>   You need EAP-TLS to do PEAP.
>
>   
>> I have freeRADIUS set up with an external MySQL user database and it's
>> successfully authorizing requests from NTRadPing. 
>>     
>
>   Which helps, but isn't enough.  Wireless uses a LOT more technologies
> than just basic RADIUS.
>
>   
>> So far I'm not having any luck, and I don't mind saying that I'm a
>> little over my head at this point.  Someone familiar with this will
>> probably see glaring problems.
>>     
>
>   The debug output tries to be helpful.  Honest.
>
>   
>> Access Point:
>> D-Link DWL-7100AP (Ciscos coming in January)
>> WPA-EAP
>> TKIP
>>
>> Client Laptop:
>> WPA Enterprise
>> TKIP
>> PEAP (Other options: EAP-SIM, TLS, TTLS, LEAP, EAP-FAST)
>>     
>
>   So... that should be an indication that you need PEAP.
>
>   
>> I set up an AP to use RADIUS, and the requests get through to the RADIUS
>> server, but they always fail.  Posted below is the debug output from the
>> failed attempt.
>>     
> ...
>   
>>>  rlm_eap: EAP-NAK asked for EAP-Type/peap
>>>  rlm_eap: No such EAP type peap
>>>       
>
>   You say that the clients will do PEAP, but you haven't configured PEAP
> in the server.
>
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20071030/87e0bfeb/attachment.html>


More information about the Freeradius-Users mailing list