On Thu, Aug 19, 2010 at 3:42 PM, rrperez <rrperez@apc.edu.ph> wrote:
Sorry for the inconvenience Alan, I'm just a student and currently studying/exploring radius servers.
You seem to be selectively ignoring some sugesstions though. It's fine if you REALLY know what you're doing, but this does not seem to be the case.
Now I changed all the configuration back to default and make the some configuration to make ldap works.
Here is the debug and it is quite different from the previous one:
Here's some things you need to take note of: (1) If you configure clients to use PEAPv0/EAP-MSCHAPv2 (or sometimes refered to as PEAP only), it does not supply plain-text/cleartext password (2) authenticating to Lotus Domino requires that you supply plain-text password, since Lotus stores password using some propietary hash/encryption (3) One of the EAP methods that can send plain-text password is PEAP-GTC (others on this list have suggested TTLS-PAP) (4) Windows by itself does not support PEAP-GTC or TTLS-PAP (5) Thus, you need third-party supplicant to have Windows be able to use EAP methods which sends cleartext password. Does this make sense so far? Have you use any third-party supplicant and configure them to do either PEAP-GTC or TTLS-PAP? If yes, the password that you typed when authenticating should show up in the debug log (which doesn't seem to be the case). See http://wiki.freeradius.org/Extensible_Authentication_Protocol http://lists.freeradius.org/pipermail/freeradius-users/2010-August/msg00297.... Commercial supplicant is also available: http://www.ciscosystems.com/en/US/products/ps7034/products_configuration_exa... -- Fajar