David Blackman wrote:
I have a lab that has wired ports that connect to a Linksys SLM248G switch that supports 802.1x. What I want to do do is to set this switch up to make the users authenticate to gain access to the network. The users will have an accounts on the radius server which is a FreeBSD 7.0 system running FreeRadius 2.06.
There is no version 2.0.6.
I would like them to be able to enter their username and password to access the network. Should this be possible?
Well... yes.
I get nothing from the radiusd -X if I have the windows xp EAP type: set to MD5-Challenge or Smart card or other Certificates.
So... the switch isn't forwarding the EAP packets to the server. Why is this the fault of the server?
I get the following if I have the windows xp supplicant EAP type: set to Protected EAP (PEAP) and Select Authentication Method: set to Secured password (EAP-MSCHAP v2) configured to automatically use my windows logon name... ... Sending Access-Challenge of id 0 to 128.227.232.133 port 49154 EAP-Message = 0x010700061900 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xec6255ece9654c13c816ac1ff80419e2 Finished request 17. Going to the next request Waking up in 4.9 seconds. Cleaning up request 17 ID 0 with timestamp +190 Ready to process requests.
This is in the FAQ, and in BIG LETTERS in eap.conf. Please read those files. Alan DeKok.