On 12/09/2010 06:25 PM, Rob Yamry wrote:
I have a HP JetDirect 690n print server that Im trying to authenticate via FreeRadius 2.1.8 for wireless clients to use. If I tell the 690 to use peap then I get the error "ERROR! Our request for peap was NAK'd with a request for peap". If I tell it to use eap-tls I get the error "ERROR! Our request for tls was NAK'd with a request for tls".
That's pretty weird. In the debug you send, it gets part-way through the PEAP setup, then does a NAK. That is fairly broken. This is a wild guess, but maybe the printer doesn't have (or doesn't trust) your CA certificate, so it's terminating the PEAP (and presumably the TLS too) with a NAK. It *should* send an SSL alert over the PEAP link before doing that IMHO
have a user setup in the users file, but it still tries to search ldap
So don't configure LDAP.
for that user. I can login fine with the local "ktest" user via radtest or ntradping. Debug log from a peap request is here:
radtest does not do eap. Google for "eapol_test" for a CLI way to test the EAP setup.