Matias wrote:
I've an Acces Point configured to ask my radius server for authentication, this servers uses as a backend an openldap server with SSHA passwords on it. I've followed all the manuals and documentation I've found and I can't get this to work.
http://deployingradius.com There is a step-by-step guide to getting EAP to work.
The problem as far as I can see is related to the outer tunnel, it seems that the user "anonymous" cannot be authenticated and everthing ends there.
No. The debug log clearly shows what the problem is.
auth: type "EAP" +- entering group authenticate rlm_eap: Request found, released from the list rlm_eap: EAP NAK rlm_eap: NAK asked for unsupported type 21
Type 21 is TTLS.
rlm_eap: No common EAP types found. rlm_eap: Failed in EAP select ++[eap] returns invalid auth: Failed to validate the user.
You have not configured the server to support TTLS. So... it doesn't do TTLS. Alan DeKok.