Hi Ivan,<br><br>I cant seem to authenticate my Windows XP client using EAP authentication. I have folllowed the steps in /etc/raddb/certs <br><br>This is my radius start up<br>Module: Instantiating eap-tls <br>
tls { <br> rsa_key_exchange = no <br> dh_key_exchange = yes <br>
rsa_key_length = 512 <br> dh_key_length = 512 <br> verify_depth = 0 <br>
pem_file_type = yes <br> private_key_file = "/etc/raddb/certs/server.pem" <br> certificate_file = "/etc/raddb/certs/server.pem" <br>
CA_file = "/etc/raddb/certs/ca.pem" <br> private_key_password = "myettelap" <br> dh_file = "/etc/raddb/certs/dh" <br>
random_file = "/etc/raddb/certs/random" <br> fragment_size = 1024 <br> include_length = yes <br>
check_crl = no <br> cipher_list = "DEFAULT" <br> make_cert_command = "/etc/raddb/certs/bootstrap" <br>
cache { <br> enable = no <br> lifetime = 24 <br>
max_entries = 255 <br> } <br> } <br>
Module: Linked to sub-module rlm_eap_ttls <br> Module: Instantiating eap-ttls <br> ttls { <br>
default_eap_type = "md5" <br> copy_request_to_tunnel = no <br> use_tunneled_reply = no <br>
virtual_server = "inner-tunnel" <br> } <br> Module: Linked to sub-module rlm_eap_peap <br>
Module: Instantiating eap-peap <br> peap { <br> default_eap_type = "mschapv2" <br>
copy_request_to_tunnel = no <br> use_tunneled_reply = no <br> proxy_tunneled_request_as_eap = yes <br>
virtual_server = "inner-tunnel" <br> } <br> Module: Linked to sub-module rlm_eap_mschapv2 <br>
Module: Instantiating eap-mschapv2 <br> mschapv2 { <br> with_ntdomain_hack = no <br>
} <br> Module: Checking authorize {...} for more modules to load <br> Module: Linked to module rlm_realm <br>
Module: Instantiating suffix <br> realm suffix { <br> format = "suffix" <br>
delimiter = "@" <br> ignore_default = no <br> ignore_null = no <br>
} <br> Module: Linked to module rlm_files <br> Module: Instantiating files <br>
files { <br> usersfile = "/etc/raddb/users" <br> acctusersfile = "/etc/raddb/acct_users" <br>
preproxy_usersfile = "/etc/raddb/preproxy_users" <br> compat = "no" <br> } <br>
Module: Checking session {...} for more modules to load <br> Module: Linked to module rlm_radutmp <br> Module: Instantiating radutmp <br>
radutmp { <br> filename = "/var/log/radius/radutmp" <br> username = "%{User-Name}" <br>
case_sensitive = yes <br> check_with_nas = yes <br> perm = 384 <br>
callerid = yes <br> } <br> Module: Checking post-proxy {...} for more modules to load <br>
Module: Checking post-auth {...} for more modules to load <br> Module: Linked to module rlm_attr_filter <br> Module: Instantiating attr_filter.access_reject <br>
attr_filter attr_filter.access_reject { <br> attrsfile = "/etc/raddb/attrs.access_reject" <br> key = "%{User-Name}" <br>
} <br> } <br>} <br>
modules { <br> Module: Checking authenticate {...} for more modules to load <br> Module: Checking authorize {...} for more modules to load <br>
Module: Linked to module rlm_preprocess <br> Module: Instantiating preprocess <br> preprocess { <br>
huntgroups = "/etc/raddb/huntgroups" <br> hints = "/etc/raddb/hints" <br> with_ascend_hack = no <br>
ascend_channels_per_line = 23 <br> with_ntdomain_hack = no <br> with_specialix_jetstream_hack = no <br>
with_cisco_vsa_hack = no <br> with_alvarion_vsa_hack = no <br> } <br>
Module: Checking preacct {...} for more modules to load <br> Module: Linked to module rlm_acct_unique <br> Module: Instantiating acct_unique<br>
acct_unique {<br> key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"<br> }<br> Module: Checking accounting {...} for more modules to load<br> Module: Linked to module rlm_detail<br>
Module: Instantiating detail<br> detail {<br> detailfile = "/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"<br> header = "%t"<br> detailperm = 384<br> dirperm = 493<br>
locking = no<br> log_packet_header = no<br> }<br> Module: Instantiating attr_filter.accounting_response<br> attr_filter attr_filter.accounting_response {<br> attrsfile = "/etc/raddb/attrs.accounting_response"<br>
key = "%{User-Name}"<br> }<br> Module: Checking session {...} for more modules to load<br> Module: Checking post-proxy {...} for more modules to load<br> Module: Checking post-auth {...} for more modules to load<br>
}<br>radiusd: #### Opening IP addresses and Ports ####<br>listen {<br> type = "auth"<br> ipaddr = *<br> port = 0<br>}<br>listen {<br> type = "acct"<br> ipaddr = *<br>
port = 0<br>}<br>Listening on authentication address * port 1812<br>Listening on accounting address * port 1813<br>Listening on proxy address * port 1814<br>Ready to process requests.<br>^[[6~^[[6~<br><br><br><div class="gmail_quote">
2010/1/20 Devinder Singh <span dir="ltr"><<a href="mailto:devinbhullar@gmail.com">devinbhullar@gmail.com</a>></span><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>Hi Ivan,</div>
<div> </div>
<div>I created the certificates basd on the README file in etc/raddb and copied ca.der and client.p12 to Windows XP</div>
<div> </div>
<div>I also also made changed to the Makefile which runs on XP but when i connect to the SSID i get authentication failde and the radius does not seem to get any response from the Proxim AP.</div>
<div> </div>
<div><br clear="all"><br>-- <br>Devinder<br></div>
</blockquote></div><br><br clear="all"><br>-- <br>Devinder<br>