Freeradius 2.1.10 EAP-MD5 problem

Nabil nabil.benbelgacem at outlook.com
Sun Jan 4 18:36:04 CET 2015


Le 04/01/2015 16:22, A.L.M.Buxey at lboro.ac.uk a écrit :
> Hi,
>
>> Well, i have a little problem with freeradius. I have installed it on
>> Ubuntu Server 12.04 LTS. Here is my project. I want to make a radius
>> server where users can use an username and password to logon on access
>> points. But nothing more and nothing less. I have configured the radius
>> server for EAP-MD5 authentification but when i try to test the
> no. you've munged up your config pretty badly for it to fail that way.
>
> sart with the default config...it will work..then edit it to remove the things
> you arent using/dont need.
>
> but to save you more wasted time EAP-MD5 cannot be used for WPA2-Enterprise wireless
> authentication - for various reasons but the most basic is that the final access accept
> wont have the required keying information (I'll leave the fact that clients dont do it for
> your own discovery ;-) )
>
> alan
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Oh okay... Well is there another authentification mode to use for users 
? I'll explain what's my goal.

Previously, i used a hotspot system named Coovachilli and it was 
installed on a computer with freeradius. My goal was to let the access 
points configuration as open to do the authentification process via the 
radius server but like that i can't get the location of users because 
they're connected on the same NAS who is the radius server (when i have 
added acess points as clients in clients.conf, it doesn't work because 
the authentification isn't doing on them, it plays the bridge role.

AP ----|
AP ----| -------eth1- Coova+Radius Server -eth0----- |Router| -------- 
Internet
AP ----|


So, instead of that,  i wanted to configure on the access points the 
WPA2 enterprise security and with that, i can add them in the 
clients.conf file and it worked. And i can use daloradius to configure 
accounting and get informations from access points. But the problem is 
that i need the right EAP authentification without certificate and the 
only one i saw was the EAP-MD5...
What i want is :
- location of users connected (on which access points they are connected)
- a connection using an username and password only

If someone has an idea to resolve that, my head hurts, i'm quite lost 
right now... :(

Thank you


More information about the Freeradius-Users mailing list