<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 6.5.7652.24">
<TITLE>EAP-TLS</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/plain format -->
<P><FONT SIZE=2>Hi,<BR>
<BR>
I've modified the eap.conf, clients.conf, and users respectfully but am getting the below error when started radius:<BR>
<BR>
<BR>
Module: Loaded eap<BR>
eap: default_eap_type = "tls"<BR>
eap: timer_expire = 60<BR>
eap: ignore_unknown_eap_types = no<BR>
eap: cisco_accounting_username_bug = no<BR>
rlm_eap: No EAP type configured, module cannot do anything.<BR>
radiusd.conf[10]: eap: Module instantiation failed.<BR>
radiusd.conf[1939] Unknown module "eap".<BR>
radiusd.conf[1886] Failed to parse authenticate section.<BR>
<BR>
The following are the config's I made. Please let me know if you see anything that needs to change just to get radius start.<BR>
<BR>
eap.conf<BR>
<BR>
default_eap_type =tls<BR>
tls {<BR>
private_key_password = whatever<BR>
private_key_file = ${raddbdir}/certs/cert-srv.pem<BR>
certificate_file = ${raddbdir}/certs/cert-srv.pem<BR>
<BR>
# Trusted Root CA list<BR>
CA_file = ${raddbdir}/certs/demoCA/cacert.pem<BR>
<BR>
dh_file = ${raddbdir}/certs/dh<BR>
random_file = ${raddbdir}/certs/random<BR>
<BR>
clients.conf<BR>
<BR>
client 148.85.0.0/16 {<BR>
#<BR>
# The shared secret use to "encrypt" and "sign" packets between<BR>
# the NAS and FreeRADIUS. You MUST change this secret from the<BR>
# default, otherwise it's not a secret any more!<BR>
#<BR>
# The secret can be any string, up to 31 characters in length.<BR>
#<BR>
secret = XXXXXXX<BR>
<BR>
#<BR>
# The short name is used as an alias for the fully qualified<BR>
# domain name, or the IP address.<BR>
#<BR>
shortname = WAPS<BR>
<BR>
users<BR>
<BR>
DEFAULT Auth-Type :=EAP<BR>
Tunnel-Type = "VLAN",<BR>
Tunnel-Medium-Type = "IEEE-802",<BR>
Tunnel-Private-Group-ID = "300",<BR>
<BR>
Thanks,<BR>
<BR>
Brian</FONT>
</P>
</BODY>
</HTML>