hi,
Working getting FreeRadius talking to a WPA2 Enterprise network.
At this time, having gone through the instructions:
This command (local user in ..users) works great:
radtest -t mschap bob hello 127.0.0.1:18120 0 testing123
Comes right back with 'hello bob' as it should. So presumably mschap is working at some level, and Windows connects to it without much fuss and bother.
This command doesn't:
radtest -t mschap farhadtest Rambo5201 127.0.0.1:18120 0 testing123
It tries to auth against ldap, is *not* working from the CLI, and Windows can't connect (obviously). Is mschap even working? It looks like it is, but something else is misconfigured that's blocking external auth.
Radius -X output is below, with a successful and unsuccessful auth. here are questions. - I thought I had configured this to talk to our ldap host as I've done with others, and yet it's ignoring the ldap module. I'm trying to ID where I missed it in the configuration.... - It's not doing EAP on either authentication, and I don't know why. I've configured it from scratch with the instructions, and it's close but no cigar so far. Why is EAP a noop? It looks like it's configured in both default and inner-tunnel....
in the first instance, you will need to decide how you are taking to LDAP - either looking things up (oracle) or binding to LDAP use the user , either way will give you some restrictions as to what you can and cant do http://deployingradius.com/documents/protocols/oracles.html in the second instance , its not doing EAP because radtest is not an EAP testing tool - you need to use eg eapol_test (from the wpa_supplicant package) or other tool to test EAP on the command line (which I would strongly suggest you do before bringing in real traffic from Access Points and clients..... regards alan