On 2013-07-09 at 00:52, Alan DeKok (aland@deployingradius.com) wrote:
Julian Macassey wrote:
So, I put it back in. I took it out earlier as 1. I couldn't connect with it. 2. My understanding from reading the docs was that pap alone would do the job.
(1) No, and (2) Not for 8021.X
I'm just trying to do a bog standard username and password for OS X and Linux users on laptops - Plus the ubiquitous smartphones of course. I have no Microsoft gear on the LAN.
Here is my latest output:
Which indicates that you didn't tell the server what the *good* password is for the user. Why not?
In the Wifi sign on window of both a Macbook and an iPhone, I enter the username and the password. So, from my sign on I have told the server both.
Read the FAQ. It has instructions for configuring a sample user. When you've done that, it *will* authenticate that user.
I have done that, if you mean putting username and password, plus shared secret in the /etc/freeradius/users file. Using radtest as described in the documentation I have done it and it works. What doesn't work is getting a Macbook to connect to a Netgear N600 WiFi Router using WPA2 Enterprise and freeradius using the username and login available to any user logging into the freeradius machine via the conole or ssh.
Getting 802.1X to work requires a number of steps. You've missed some. My guide goes through this in detail, and following it will *always* work:
I have read and followed http://deployingradius.com/documents/configuration/setup.html What I haven't yet done is replace the "snake oil" certs with production certs: http://deployingradius.com/documents/configuration/certificates.html But get the output I have sent before. The instructions above are for Microsoft Windows, but Linux and Mac OSX should be pretty standard. Yours