<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000066">
<font face="serif">Hmm... All good info, but it makes me wonder if I'm
going about this the best way.<br>
<br>
This is my goal:<br>
<br>
Wireless users and desktop computers on the same subnet (IPCop Blue,
for those keeping score at home) will need to log in with a user name
and password, which are kept on the MySQL server.<br>
<br>
I want this to be as easy as possible for as many people as possible.
I came up with my client settings by going with the defaults. I would
like to use whatever is easiest for the users to implement.<br>
<br>
I really appreciate you time, Thank you.<br>
</font><br>
Alan DeKok wrote:
<blockquote cite="mid:4727852F.70005@deployingradius.com" type="cite">
<pre wrap="">Doc. Caliban wrote:
</pre>
<blockquote type="cite">
<pre wrap="">I hate to ask this, but I'm running out of time on this project and I'm
completely new to RADIUS. I would be really happy if someone could just
point me to a detailed HOW TO for what I need.
</pre>
</blockquote>
<pre wrap=""><!---->
<a class="moz-txt-link-freetext" href="http://www.freeradius.org/doc/EAPTLS.pdf">http://www.freeradius.org/doc/EAPTLS.pdf</a>
You need EAP-TLS to do PEAP.
</pre>
<blockquote type="cite">
<pre wrap="">I have freeRADIUS set up with an external MySQL user database and it's
successfully authorizing requests from NTRadPing.
</pre>
</blockquote>
<pre wrap=""><!---->
Which helps, but isn't enough. Wireless uses a LOT more technologies
than just basic RADIUS.
</pre>
<blockquote type="cite">
<pre wrap="">So far I'm not having any luck, and I don't mind saying that I'm a
little over my head at this point. Someone familiar with this will
probably see glaring problems.
</pre>
</blockquote>
<pre wrap=""><!---->
The debug output tries to be helpful. Honest.
</pre>
<blockquote type="cite">
<pre wrap="">Access Point:
D-Link DWL-7100AP (Ciscos coming in January)
WPA-EAP
TKIP
Client Laptop:
WPA Enterprise
TKIP
PEAP (Other options: EAP-SIM, TLS, TTLS, LEAP, EAP-FAST)
</pre>
</blockquote>
<pre wrap=""><!---->
So... that should be an indication that you need PEAP.
</pre>
<blockquote type="cite">
<pre wrap="">I set up an AP to use RADIUS, and the requests get through to the RADIUS
server, but they always fail. Posted below is the debug output from the
failed attempt.
</pre>
</blockquote>
<pre wrap=""><!---->...
</pre>
<blockquote type="cite">
<blockquote type="cite">
<pre wrap=""> rlm_eap: EAP-NAK asked for EAP-Type/peap
rlm_eap: No such EAP type peap
</pre>
</blockquote>
</blockquote>
<pre wrap=""><!---->
You say that the clients will do PEAP, but you haven't configured PEAP
in the server.
Alan DeKok.
-
List info/subscribe/unsubscribe? See <a class="moz-txt-link-freetext" href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html</a>
</pre>
</blockquote>
</body>
</html>