Login to Cisco devices through freeradius

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Fri Mar 20 14:21:45 CET 2009


Hi,
> There is nothing related to eap to comment out in these files...
> Should I create a certificate? Is it compulsory?

hang on - do you actually HAVE any EAP cert/CA files that you are referencing in eap.conf?

read eap.conf - see what files it is trying to read (cert, CA , pkcs12, random, etc)
and check you actually HAVE those files.  if you have those files, then ensure that the 
permissions for the directory and files are suitable for reading - you DONT EVER want 777

with 777 i could own your server and take over your infrastructure - you only want read
permissions on the files...for the relavant user that the freeradius daemon is running as
(usually radiusd)

what does 

id radiusd


give as output?

alan



More information about the Freeradius-Users mailing list