<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-2">
<META content="MSHTML 6.00.2900.2802" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Hi folks</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I'm new here and I'm trying to configure Radius for
my home wireless network. I use RADIUS on fedora core 4, my AP is WRT54G and
clients are on WindowsXp sp2. </FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I made everythig with "how to" on page <A
href="http://www.linuxjournal.com/article/8095">http://www.linuxjournal.com/article/8095</A>.
But I still don't have authentication with Radius. In radius log I get
message</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>rlm_eap_tls: Length Included<BR>Wed Dec 28
15:41:18 2005 : Error: TLS_accept:error in SSLv3 read
client certificate A <BR>Wed Dec 28 15:41:19 2005 : Info: rlm_eap_tls:
Length Included<BR>Wed Dec 28 15:41:19 2005 : Error: --> verify
error:num=20:unable to get local issuer certificate <BR>Wed Dec 28 15:41:19 2005
: Error: TLS Alert write:fatal:unknown CA <BR>Wed Dec 28 15:41:19 2005 :
Error: TLS_accept:error in SSLv3 read client certificate
B <BR>Wed Dec 28 15:41:19 2005 : Error: rlm_eap_tls: SSL_read failed in a system
cal</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>When I try to do radiusd -X -A I get</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Starting - reading configuration files
...<BR>reread_config: reading radiusd.conf<BR>Config:
including file: /usr/local/etc/raddb/proxy.conf<BR>Config: including
file: /usr/local/etc/raddb/clients.conf<BR>Config: including file:
/usr/local/etc/raddb/snmp.conf<BR>Config: including file:
/usr/local/etc/raddb/eap.conf<BR>Config: including file:
/usr/local/etc/raddb/sql.conf<BR> main: prefix =
"/usr/local"<BR> main: localstatedir = "/usr/local/var"<BR> main:
logdir = "/usr/local/var/log/radius"<BR> main: libdir =
"/usr/local/lib"<BR> main: radacctdir =
"/usr/local/var/log/radius/radacct"<BR> main: hostname_lookups =
no<BR> main: max_request_time = 30<BR> main: cleanup_delay =
5<BR> main: max_requests = 1024<BR> main: delete_blocked_requests =
0<BR> main: port = 0<BR> main: allow_core_dumps = no<BR> main:
log_stripped_names = no<BR> main: log_file =
"/usr/local/var/log/radius/radius.log"<BR> main: log_auth =
no<BR> main: log_auth_badpass = no<BR> main: log_auth_goodpass =
no<BR> main: pidfile =
"/usr/local/var/run/radiusd/radiusd.pid"<BR> main: user =
"nobody"<BR> main: group = "nobody"<BR> main: usercollide =
no<BR> main: lower_user = "no"<BR> main: lower_pass =
"no"<BR> main: nospace_user = "no"<BR> main: nospace_pass =
"no"<BR> main: checkrad = "/usr/local/sbin/checkrad"<BR> main:
proxy_requests = yes<BR> proxy: retry_delay = 5<BR> proxy: retry_count
= 3<BR> proxy: synchronous = no<BR> proxy: default_fallback =
yes<BR> proxy: dead_time = 120<BR> proxy: post_proxy_authorize =
yes<BR> proxy: wake_all_if_all_dead = no<BR> security: max_attributes
= 200<BR> security: reject_delay = 1<BR> security: status_server =
no<BR> main: debug_level = 0<BR>read_config_files: reading
dictionary<BR>read_config_files: reading naslist<BR>Using deprecated
naslist file. Support for this will go away
soon.<BR>read_config_files: reading clients<BR>read_config_files:
reading realms<BR>radiusd: entering modules setup<BR>Module: Library
search path is /usr/local/lib<BR>Module: Loaded exec<BR> exec: wait =
yes<BR> exec: program = "(null)"<BR> exec: input_pairs =
"request"<BR> exec: output_pairs = "(null)"<BR> exec: packet_type =
"(null)"<BR>rlm_exec: Wait=yes but no output defined. Did you mean
output=none?<BR>Module: Instantiated exec (exec)<BR>Module: Loaded
expr<BR>Module: Instantiated expr (expr)<BR>Module: Loaded PAP<BR> pap:
encryption_scheme = "crypt"<BR>Module: Instantiated pap (pap)<BR>Module: Loaded
CHAP<BR>Module: Instantiated chap (chap)<BR>Module: Loaded
MS-CHAP<BR> mschap: use_mppe = yes<BR> mschap: require_encryption =
no<BR> mschap: require_strong = no<BR> mschap: with_ntdomain_hack =
no<BR> mschap: passwd = "(null)"<BR> mschap: authtype =
"MS-CHAP"<BR> mschap: ntlm_auth = "(null)"<BR>Module: Instantiated mschap
(mschap)<BR>Module: Loaded System<BR> unix: cache = no<BR> unix:
passwd = "(null)"<BR> unix: shadow = "(null)"<BR> unix: group =
"(null)"<BR> unix: radwtmp =
"/usr/local/var/log/radius/radwtmp"<BR> unix: usegroup = no<BR> unix:
cache_reload = 600<BR>Module: Instantiated unix (unix)<BR>Module: Loaded
eap<BR> eap: default_eap_type = "tls"<BR> eap: timer_expire =
60<BR> eap: ignore_unknown_eap_types = no<BR> eap:
cisco_accounting_username_bug = no<BR>rlm_eap: Loaded and initialized type
md5<BR>rlm_eap: Loaded and initialized type leap<BR> gtc: challenge =
"Password: "<BR> gtc: auth_type = "PAP"<BR>rlm_eap: Loaded and initialized
type gtc<BR> tls: rsa_key_exchange = no<BR> tls: dh_key_exchange =
yes<BR> tls: rsa_key_length = 512<BR> tls: dh_key_length =
512<BR> tls: verify_depth = 0<BR> tls: CA_path =
"(null)"<BR> tls: pem_file_type = yes<BR> tls: private_key_file =
"/usr/local/etc/raddb/certs/server_keycert.pem"<BR> tls: certificate_file =
"/usr/local/etc/raddb/certs/server_keycert.pem"<BR> tls: CA_file =
"/usr/local/etc/raddb/certs/demoCA/cacert.pem"<BR> tls:
private_key_password = "adam01"<BR> tls: dh_file =
"/usr/local/etc/raddb/certs/dh"<BR> tls: random_file =
"/usr/local/etc/raddb/certs/random"<BR> tls: fragment_size =
1024<BR> tls: include_length = yes<BR> tls: check_crl =
no<BR> tls: check_cert_cn = "(null)"<BR>rlm_eap: Loaded and initialized
type tls<BR> mschapv2: with_ntdomain_hack = no<BR>rlm_eap: Loaded and
initialized type mschapv2<BR>Module: Instantiated eap (eap)<BR>Module: Loaded
preprocess<BR> preprocess: huntgroups =
"/usr/local/etc/raddb/huntgroups"<BR> preprocess: hints =
"/usr/local/etc/raddb/hints"<BR> preprocess: with_ascend_hack =
no<BR> preprocess: ascend_channels_per_line = 23<BR> preprocess:
with_ntdomain_hack = no<BR> preprocess: with_specialix_jetstream_hack =
no<BR> preprocess: with_cisco_vsa_hack = no<BR>Module: Instantiated
preprocess (preprocess)<BR>Module: Loaded realm<BR> realm: format =
"suffix"<BR> realm: delimiter = "@"<BR> realm: ignore_default =
no<BR> realm: ignore_null = no<BR>Module: Instantiated realm
(suffix)<BR>Module: Loaded files<BR> files: usersfile =
"/usr/local/etc/raddb/users"<BR> files: acctusersfile =
"/usr/local/etc/raddb/acct_users"<BR> files: preproxy_usersfile =
"/usr/local/etc/raddb/preproxy_users"<BR> files: compat = "no"<BR>Module:
Instantiated files (files)<BR>Module: Loaded
Acct-Unique-Session-Id<BR> acct_unique: key = "User-Name, Acct-Session-Id,
NAS-IP-Address, Client-IP-Address, NAS-Port"<BR>Module: Instantiated acct_unique
(acct_unique)<BR>Module: Loaded detail<BR> detail: detailfile =
"/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"<BR> detail:
detailperm = 384<BR> detail: dirperm = 493<BR> detail: locking =
no<BR>Module: Instantiated detail (detail)<BR>Module: Loaded
radutmp<BR> radutmp: filename =
"/usr/local/var/log/radius/radutmp"<BR> radutmp: username =
"%{User-Name}"<BR> radutmp: case_sensitive = yes<BR> radutmp:
check_with_nas = yes<BR> radutmp: perm = 384<BR> radutmp: callerid =
yes<BR>Module: Instantiated radutmp (radutmp)<BR>Listening on authentication
*:1812<BR>Listening on accounting *:1813<BR>Listening on proxy *:1814<BR>Ready
to process requests.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>And now nothing is happen.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>So if you now how please help me</DIV>
<DIV><BR></DIV></FONT></BODY></HTML>