Doubt - Freeradius + Ldap
Josip Rodin
joy at entuzijast.net
Mon Nov 1 20:36:06 CET 2010
On Tue, Nov 02, 2010 at 07:30:23AM +1300, Peter Lambrechtsen wrote:
> It's probably since you didn't compile OpenLDAP and FreeRadius with OpenSSL
> support.
>
> So you will need to recompile OpenLDAP, Cyrus SASL, OpenLDAP and FreeRadius.
No, no, no, and no. <sigh>
If you want to read random debug messages, don't pick just any.
Yes, he doesn't have SSL support, but the log also says pretty clearly:
> > Mon Nov 1 15:06:10 2010 : Debug: rlm_eap: No EAP-Message, not doing EAP
When the client does not use EAP, it's completely irrelevant that the server
doesn't have support for SSL-using EAP methods.
And there's clearly no reason to recompile even FR, let alone three other
different pieces of software. (For the former, just use lenny-backports.)
The final error state is:
> > Mon Nov 1 15:06:10 2010 : Auth: Login incorrect:
> > [eduardo/1\320\026\305\020B)\323I\211????\001\nx\204] (from client
> > BrasilTelecom port 1812)
> > Mon Nov 1 15:06:10 2010 : Debug: WARNING: Unprintable characters in the
> > password. Double-check the shared secret on the server and the NAS!
So, have you double-checked the shared secret?
--
2. That which causes joy or happiness.
More information about the Freeradius-Users
mailing list