Basic wifi config

Philippe Schwarz phil at schwarz-fr.net
Tue May 4 15:37:25 CEST 2010


Hi,
I set up the following config and tried to follow the advice of the freeradius
website (don't touch anything you could break in the raddb directory ;-) )

The config (in French, sorry) I used:
http://www.openbsd-edu.net/index.php/FreeRadius

FreeRadius OS: OpenBSD 4.5
freeradius-2.1.3    RADIUS server implementation
192.168.1.9 & 172.16.0.133

AP : Linksys WRT54G
WPA Enterprise & TKIP
192.168.1.1

Client WinXP; SP2 DHCP

On the server:

pkg_add -v http://ftp.arcane-networks.fr/pub/OpenBSD/$(uname -r)/packages/$(uname -m)/freeradius


echo "if [ -x /usr/local/sbin/radiusd ]; then
	install -d -o _freeradius /var/run/radiusd
	echo -n ' radiusd';	/usr/local/sbin/radiusd
fi
" >> /etc/rc.local


cp radius.pem /etc/raddb/certs/server.pem
chmod 744 /etc/raddb/certs/server.pem
cp ca.pem /etc/raddb/certs/ca.pem
chmod 744 /etc/raddb/certs/ca.pem

openssl verify -verbose -CApath /etc/raddb/certs/ -CAfile /etc/raddb/certs/ca.pem /etc/raddb/certs/server.pem

=> /etc/raddb/certs/server.pem: OK

dd  if=/dev/urandom of=/etc/raddb/certs/random bs=1024 count=100
openssl dhparam -out /etc/raddb/certs/dh 1024

echo "
usertest Cleartext-Password := \"password\"
" >> /etc/raddb/users


echo "

#Nagios
client Nagios {
secret = SECRETNAGIOS
shortname =  Nagios
ipaddr = @IP NAgios
}

#Wifi AP3
client AP3 {
secret = \"SECRET_AP3\"
shortname = AP3
ipaddr = @IP AP3
nastype     = other
}

# Local
client localhost {
       ipaddr = 127.0.0.1
       secret          = \"SECRETLOCAL\"
       require_message_authenticator = no
       shortname       = localhost
       nastype     = other
}
" > /etc/raddb/clients.conf


ifconfig em0 alias 192.168.1.9 netmask 255.255.255.0

ifconfig -a
=>em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
=>inet 172.16.0.223 netmask 0xffff0000 broadcast 172.16.255.255
=>inet 192.168.1.9 netmask 0xffffff00 broadcast 192.168.1.255


/usr/local/sbin/radiusd -X


radtest local & radtest remote are OK for the local and Nagios clients.


Let's go to the XP...

When I try to use the Wifi, radiusd -X says:

I pasted the logs into http://networkradius.com/freeradius.html
and only copied the parts that were neither white nor blue:


WARNING: You set Proxy-To-Realm = LOCAL, but the realm does not exist!
Cancelling invalid proxy request.
No authenticate method (Auth-Type) configuration found for the request:
Rejecting the user
Failed to authenticate the user.


grep roxy * |grep -v "#"

attrs.access_reject:	Proxy-State =* ANY
attrs.accounting_response:	Proxy-State =* ANY
experimental.conf:		mod_preproxy = radiusd_test
experimental.conf:		func_preproxy = preproxy
experimental.conf:		mod_postproxy = radiusd_test
experimental.conf:		func_postproxy = postproxy
proxy.conf:proxy server {
radiusd.conf:proxy_requests  = no

What is the missing magic command which could help me?

Thanks.
Best regards.

-- 
Lycée polyvalent Alfred Nobel, Clichy sous Bois
http://www.lyceenobel.org




More information about the Freeradius-Users mailing list