802.1x / EAP Assistance

Matthew Newton mcn at freeradius.org
Thu Oct 31 15:00:32 CET 2019


On Thu, 2019-10-31 at 09:29 -0400, J Kephart wrote:
> We are attempting to implement 802.1x/EAP for the first time, ad
> we're having some trouble diagnosing what's going on in the various
> stages of the communications between the NAS and FR.  We don't have
> any experience with it, so it's rather confusing.

Yeah, everyone starts somewhere. It's a lot to take in.


> We're using FR 2.2.8, with the test certs provided.

Why?

v2 is obsolete and end of life. Use v3.0.19, or at least a recent v3
release.


> The first says that the realm LOCAL is not defined, but in looking at
the config, it looks as though it is.

You can ignore that.


> There's also a report that there's a missing
> Cleartext-Password, but that is also defined in the database, so
> we're at a loss as to the cause of the failure.

It's in the database, but you've not told freeradius to look in the
database to pull it out.

Looking at the debug output, you need to add a call to "sql" in the
inner tunnel. At least, start there.

-- 
Matthew




More information about the Freeradius-Users mailing list