Hi.<br><br>I'm installing FreeRADIUS on a Debian machine, with OpenSSL 0.9.8d 28 Sep 2006, but I'm having some problems (I'm a newbie in RADIUS)<br><br><font size="6"><span style="font-weight: bold;">eap.conf</span></font><br>
<br> eap {<br> default_eap_type = peap<br> timer_expire = 60<br> ignore_unknown_eap_types = no<br> cisco_accounting_username_bug = no<br><br> #md5 {<br> #}<br><br> #leap {
<br> #}<br><br> #gtc {<br> # challenge = "Password: "<br> # auth_type = PAP<br> #}<br><br> # To generate ctest certificates, run the script<br> # ../scripts/certs.sh
<br> # <a href="http://www.dslreports.com/forum/remark,9286052~mode=flat">http://www.dslreports.com/forum/remark,9286052~mode=flat</a><br><br> tls {<br> private_key_password = radiusUDP
<br> private_key_file = ${raddbdir}/certs/cert-srv.pem<br> certificate_file = ${raddbdir}/certs/cert-srv.pem<br> CA_file = ${raddbdir}/certs/demoCA/cacert.pem<br> dh_file = ${raddbdir}/certs/dh<br> random_file = ${raddbdir}/certs/random
<br> fragment_size = 1024<br> include_length = yes<br> check_crl = yes<br> check_cert_issuer = "/C=GB/ST=Berkshire/L=Newbury/O=My Company Ltd"<br> check_cert_cn = %{User-Name}
<br> cipher_list = "DEFAULT"<br> }<br><br> #ttls {<br> #default_eap_type = peap<br> #copy_request_to_tunnel = no<br> #use_tunneled_reply = no<br> #}
<br><br> peap {<br> default_eap_type = mschapv2<br> copy_request_to_tunnel = no<br> use_tunneled_reply = no<br> proxy_tunneled_request_as_eap = yes<br> }<br><br> mschapv2 {
<br> }<br> }<br><br><font size="6">radius.conf can be downloaded <a href="http://200.14.84.251/%7Edromero/radiusd.conf">here</a><br><br>The log:<br></font><br>Starting - reading configuration files ...<br>reread_config: reading
radiusd.conf<br>Config: including file: /usr/local/etc/raddb/proxy.conf<br>Config: including file: /usr/local/etc/raddb/clients.conf<br>Config: including file: /usr/local/etc/raddb/eap.conf<br>Config: including file: /usr/local/etc/raddb/sql.conf
<br> main: prefix = "/usr/local"<br> main: localstatedir = "/usr/local/var"<br> main: logdir = "/usr/local/var/log/radius"<br> main: libdir = "/usr/local/lib"<br> main: radacctdir = "/usr/local/var/log/radius/radacct"
<br> main: hostname_lookups = no<br> main: max_request_time = 30<br> main: cleanup_delay = 5<br> main: max_requests = 1024<br> main: delete_blocked_requests = 0<br> main: port = 0<br> main: allow_core_dumps = no<br> main: log_stripped_names = no
<br> main: log_file = "/usr/local/var/log/radius/radius.log"<br> main: log_auth = no<br> main: log_auth_badpass = no<br> main: log_auth_goodpass = no<br> main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
<br> main: user = "(null)"<br> main: group = "(null)"<br> main: usercollide = no<br> main: lower_user = "no"<br> main: lower_pass = "no"<br> main: nospace_user = "no"<br> main: nospace_pass = "no"
<br> main: checkrad = "/usr/local/sbin/checkrad"<br> main: proxy_requests = yes<br> proxy: retry_delay = 5<br> proxy: retry_count = 3<br> proxy: synchronous = no<br> proxy: default_fallback = yes<br> proxy: dead_time = 120
<br> proxy: post_proxy_authorize = no<br> proxy: wake_all_if_all_dead = no<br> security: max_attributes = 200<br> security: reject_delay = 1<br> security: status_server = no<br> main: debug_level = 0<br>read_config_files: reading dictionary
<br>read_config_files: reading naslist<br>Using deprecated naslist file. Support for this will go away soon.<br>read_config_files: reading clients<br>read_config_files: reading realms<br>radiusd: entering modules setup
<br>Module: Library search path is /usr/local/lib<br>Module: Loaded exec <br> exec: wait = yes<br> exec: program = "(null)"<br> exec: input_pairs = "request"<br> exec: output_pairs = "(null)"
<br> exec: packet_type = "(null)"<br>rlm_exec: Wait=yes but no output defined. Did you mean output=none?<br>Module: Instantiated exec (exec) <br>Module: Loaded expr <br>Module: Instantiated expr (expr) <br>Module: Loaded eap
<br> eap: default_eap_type = "peap"<br> eap: timer_expire = 60<br> eap: ignore_unknown_eap_types = no<br> eap: cisco_accounting_username_bug = no<br> tls: rsa_key_exchange = no<br> tls: dh_key_exchange = yes<br>
tls: rsa_key_length = 512<br> tls: dh_key_length = 512<br> tls: verify_depth = 0<br> tls: CA_path = "(null)"<br> tls: pem_file_type = yes<br> tls: private_key_file = "/usr/local/etc/raddb/certs/cert-srv.pem"
<br> tls: certificate_file = "/usr/local/etc/raddb/certs/cert-srv.pem"<br> tls: CA_file = "/usr/local/etc/raddb/certs/demoCA/cacert.pem"<br> tls: private_key_password = "radiusUDP"<br> tls: dh_file = "/usr/local/etc/raddb/certs/dh"
<br> tls: random_file = "/usr/local/etc/raddb/certs/random"<br> tls: fragment_size = 1024<br> tls: include_length = yes<br> tls: check_crl = yes<br> tls: check_cert_cn = "%{User-Name}"<br> tls: cipher_list = "DEFAULT"
<br> tls: check_cert_issuer = "/C=GB/ST=Berkshire/L=Newbury/O=My Company Ltd"<br><span style="color: rgb(255, 0, 0);">rlm_eap_tls: Loading the certificate file as a chain</span><br style="color: rgb(255, 0, 0);">
<span style="color: rgb(255, 0, 0);">rlm_eap: SSL error error:0906D06C:PEM routines:PEM_read_bio:no start line</span><br style="color: rgb(255, 0, 0);"><span style="color: rgb(255, 0, 0);">rlm_eap_tls: Error reading private key file
</span><br style="color: rgb(255, 0, 0);"><span style="color: rgb(255, 0, 0);">rlm_eap: Failed to initialize type tls</span><br style="color: rgb(255, 0, 0);"><span style="color: rgb(255, 0, 0);">radiusd.conf[1]: eap: Module instantiation failed.
</span><br style="color: rgb(255, 0, 0);"><span style="color: rgb(255, 0, 0);">radiusd.conf[398] Unknown module "eap".</span><br style="color: rgb(255, 0, 0);"><span style="color: rgb(255, 0, 0);">radiusd.conf[381] Failed to parse authenticate section.
</span><br><br>Help!!! ;)<br>
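
The log above stops at `PEM_read_bio:no start line` while rlm_eap_tls reads `private_key_file`; OpenSSL reports that error when it finds no PEM `-----BEGIN ...-----` line for the object it was asked to read. As an added example (not part of the original post or of FreeRADIUS), this Python check reads the two file settings from the tls block and reports which PEM block types each configured file actually contains; the function names and the sample file contents are constructed for illustration.

```python
import re

# A PEM block: BEGIN line, body, matching END line; group 1 is the label.
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)\r?\n-----END \1-----", re.S)
KEY_LABELS = {"PRIVATE KEY", "RSA PRIVATE KEY", "DSA PRIVATE KEY",
              "EC PRIVATE KEY", "ENCRYPTED PRIVATE KEY"}
CERT_LABELS = {"CERTIFICATE", "X509 CERTIFICATE", "TRUSTED CERTIFICATE"}

def pem_labels(text):
    """Labels of all well-formed PEM blocks in text, in file order."""
    return [m.group(1) for m in PEM_BLOCK.finditer(text)]

def tls_file_settings(conf_text):
    """Pull private_key_file and certificate_file out of eap.conf text."""
    found = {}
    for line in conf_text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments
        m = re.match(r"(private_key_file|certificate_file)\s*=\s*(\S+)$", line)
        if m:
            found[m.group(1)] = m.group(2)
    return found

def check_tls_files(conf_text, files):
    """files maps configured path -> file contents; returns problem strings."""
    problems = []
    cfg = tls_file_settings(conf_text)
    for key, wanted, what in (("private_key_file", KEY_LABELS, "private key"),
                              ("certificate_file", CERT_LABELS, "certificate")):
        path = cfg.get(key)
        labels = pem_labels(files.get(path, ""))
        if not labels:
            problems.append(f"{key}: {path} contains no PEM block at all")
        elif not wanted & set(labels):
            problems.append(f"{key}: {path} has no {what} block, only {labels}")
    return problems

# Constructed sample input: the two settings as in the posted eap.conf, and
# placeholder PEM bodies (not real key material).
CONF = """tls {
    private_key_file = ${raddbdir}/certs/cert-srv.pem
    certificate_file = ${raddbdir}/certs/cert-srv.pem
}"""
CERT = "-----BEGIN CERTIFICATE-----\nQ09OU1RSVUNURUQ=\n-----END CERTIFICATE-----\n"
KEY = "-----BEGIN RSA PRIVATE KEY-----\nQ09OU1RSVUNURUQ=\n-----END RSA PRIVATE KEY-----\n"
PATH = "${raddbdir}/certs/cert-srv.pem"

if __name__ == "__main__":
    for name, body in (("certificate only", CERT), ("key + certificate", KEY + CERT)):
        print(name, "->", check_tls_files(CONF, {PATH: body}) or "ok")
```

To run it against a real installation, expand `${raddbdir}` and pass the actual file contents in the `files` mapping.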