On Wed, 27 Oct 2010, Alan DeKok wrote:
James Smallacombe wrote:
However, I need to get this working with a newer, more complex setup that's using Pam, Ldap, ippools, groups, etc. I just installed 2.1.10 with OpenSSL support (had to run ldconfig afterwards, though). It's able to authenticate Pam and LDAP for apache and PPTP users fine. However, I need to be able to auth users from a Cisco 1142N Controller based LW AP. The test user (Macbook) is configured to do 802.1X TTLS auth only with PAP as the inner tunnel. Worked ok with the old server, as mentioned. However, on the new one, this is the debugging info I get (I'll try to keep it to what's relevant):
As always, start off with the default config. and make small changes. TTLS works, LDAP works, TTLS + LDAP works, etc. So there shouldn't be any problem with the technology. It's just how exactly will it be configured...
I never doubted the technology, only myself. :-/ As it turns out, I was as usual, way overthinking the problem. After wasting several hours playing with certificates, eap.cnf, etc, it turns out the real problem was just that I needed to uncomment "pam" in sites-available/inner-tunnel. James Smallacombe PlantageNet, Inc. CEO and Janitor up@3.am http://3.am =========================================================================