Wired 802.1X + FreeRADIUS + LDAP issue

Ryan Garland sheffy at gmail.com
Tue Dec 13 05:34:36 CET 2011

On Mon, Dec 12, 2011 at 7:12 PM, Fajar A. Nugraha <list at fajar.net> wrote:
> On Tue, Dec 13, 2011 at 9:37 AM, Ryan Garland <sheffy at gmail.com> wrote:
>> Sorry, I should have been more clear.
>> I'm not sure what my options are with regards to Cleartext-Password
>> and using EAP-MD5, if that is indeed what is causing the failure.
> Then don't use EAP-MD5. If TTLS-PAP works for wireless, use the same
> one for wired.
> There should be an option to select which authentication method to use
> for wired 802.1x.

Ok, I changed auth type to PAP in the eapol_test configuration and it
worked.  Thanks, I didn't realize it was as simple as changing the
phase2 auth type.

However, my original problem persists.  My supplicant continues not to
respond to the FreeRADIUS Access-Challenge.

Keep in mind I am using the same .mobileconfig on my OS X Lion machine
and my iPhone 4S (IOS 5) and TTLS+PAP works fine for Wireless.  I am
not sure how to tell which authentication method the supplicant is
using for Wired as I can only see authentication protocols listed
under the Wi-Fi section of the profile generated using the iPhone
Configuration Utility (I was led to believe that the same profile can
work with both Wired and Wireless 802.1X, hence me being stumped).

If there is not an issue with FreeRADIUS as far as the experts on this
list can tell from the debug output in my original post (the Wired
failure attachment), then I may have to look elsewhere for input
(Apple support forums perhaps?  Ugh :P)

Thanks again for your assistance thus far.


More information about the Freeradius-Users mailing list