Login to Cisco devices through freeradius

Bruno Noronha bhnoronha at gmail.com
Fri Mar 20 15:49:29 CET 2009


Leighton, tks for help me. I agree with you, the messages are a little bit
confusing for me too.
That's what I thought, problems wich permission. That's why I did chmod 777,
even knowing that it's not recommended. After doing this, the issue
persist...I'm using the newest available version of freeradius.org.

Here follows the output of Makefile.

/etc/raddb/certs/Makefile
/etc/raddb/certs/Makefile: line 12: DH_KEY_SIZE: command not found
grep: server.cnf: No such file or directory
/etc/raddb/certs/Makefile: line 17: PASSWORD_SERVER: command not found
grep: ca.cnf: No such file or directory
/etc/raddb/certs/Makefile: line 18: PASSWORD_CA: command not found
grep: client.cnf: No such file or directory
/etc/raddb/certs/Makefile: line 19: PASSWORD_CLIENT: command not found
grep: client.cnf: No such file or directory
/etc/raddb/certs/Makefile: line 21: USER_NAME: command not found
/etc/raddb/certs/Makefile: line 28: .PHONY:: command not found
/etc/raddb/certs/Makefile: line 29: all:: command not found
/etc/raddb/certs/Makefile: line 31: .PHONY:: command not found
/etc/raddb/certs/Makefile: line 32: client:: command not found
/etc/raddb/certs/Makefile: line 34: .PHONY:: command not found
/etc/raddb/certs/Makefile: line 35: ca:: command not found
/etc/raddb/certs/Makefile: line 37: .PHONY:: command not found
/etc/raddb/certs/Makefile: line 38: server:: command not found
/etc/raddb/certs/Makefile: line 45: dh:: command not found
/etc/raddb/certs/Makefile: line 46: DH_KEY_SIZE: command not found

And the outpug of ls -ls on certs directory:

RADIUS:/etc/raddb/certs # ls -l
total 104
-rwxrwxrwx 1 root root    4210 Mar 17 10:49 01.pem
-rwxrwxrwx 1 root root    4441 Nov 19 14:20 Makefile
-rwxrwxrwx 1 root root    5343 Nov 19 14:20 README
-rwxrwxrwx 1 root radiusd  462 Nov 19 14:20 bootstrap
-rwxrwxrwx 1 root radiusd 1288 Nov 19 14:20 ca.cnf
-rwxrwxrwx 1 root root    1195 Mar 17 10:49 ca.der
-rwxrwxrwx 1 root root    1743 Mar 17 10:49 ca.key
-rwxrwxrwx 1 root root    1675 Mar 17 10:49 ca.pem
-rwxrwxrwx 1 root radiusd 1109 Nov 19 14:20 client.cnf
-rwxrwxrwx 1 root root     466 Mar 19 15:10 dh
-rwxrwxrwx 1 root root     120 Mar 17 10:49 index.txt
-rwxrwxrwx 1 root root      21 Mar 17 10:49 index.txt.attr
-rwxrwxrwx 1 root root       0 Mar 17 10:49 index.txt.old
-rwxrwxrwx 1 root root    1024 Mar 19 15:11 random
-rwxrwxrwx 1 root root       3 Mar 17 10:49 serial
-rwxrwxrwx 1 root root       3 Mar 17 10:49 serial.old
-rwxrwxrwx 1 root radiusd 1123 Nov 19 14:20 server.cnf
-rwxrwxrwx 1 root root    4210 Mar 17 10:49 server.crt
-rwxrwxrwx 1 root root    1062 Mar 17 10:49 server.csr
-rwxrwxrwx 1 root root    1743 Mar 17 10:49 server.key
-rwxrwxrwx 1 root root    2533 Mar 17 10:49 server.p12
-rwxrwxrwx 1 root root    3495 Mar 17 10:49 server.pem
-rwxrwxrwx 1 root root     578 Nov 19 14:20 xpextensions

2009/3/20 Leighton Man <l.j.man at hud.ac.uk>

>
>
>
>        There is nothing related to eap to comment out in these files...
>        Should I create a certificate? Is it compulsory?
>
>
>
> Hi,
> I've just struggled through all this so it's nice to try and help. Always
> take note of the FIRST error message in the debug. The later ones can be
> confusing if you don't understand what's going on.
> Your problem seems to be that the server can't read the certificate files.
> If they aren't there, it won't be able to. When I compiled freeradius it
> generated test certificates itself (after tweaking the Makefile). Are you
> using the latest version?
>
> You must have certificates to do SSL. They live in the raddb/certs
> directory.
>
> Regards,
>
> Leighton
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090320/a9920c04/attachment.html>


More information about the Freeradius-Users mailing list