Huckle Berry wrote:
First off, forgive me if this has been asked before on this list (I did do a search first, yet no results proved useful).
I am on a fact finding mission to see whether freeradius is going to be feasible to deploy in my environment (~50 users over ~40 windows and linux desktops). On a test network I have configured an Ubuntu 9.10 Server with a patched freeradius that has openssl (oh what fun that was to build).
? Building 2.1.7 with OpenSSL should be little more than editing a debian config file. 2.1.8 should be available in the Debian / Ubuntu repositories *with* OpenSSL support.
I have so far altered the original configuration by only a few lines, as everywhere I go I see Alan screaming "Don't change the config!".
Because people keep changing massive amounts of things they don't understand, and asking "why is it broken?"
I changed eap.conf by the following
default_eap_type = tls ... fragment_size = 1024 include_length = yes
Why?
[eap] Identity does not match User-Name, setting from EAP Identity. [eap] Failed in handler
Hmm... it *should* print out reasons why it failed. There must be a code path (i.e. one that happens rarely) where this doesn't happen. Alan DeKok.