Are you sure that the Linksys AP supports LEAP. LEAP is a somewhat proprietary Cisco method that places unusual requirements on the AP (unlike other EAP methods that are simply converted from EAP in EAPOL to EAP in RADIUS by the AP). I know that Linksys is now owned by Cisco but I am not sure that they've implemented LEAP capabilities. AFAIK, Apple is the only other vendor to support LEAP. LEAP isn't a particularly strong EAP method anyway. I'd recommend (and so would Cisco, now) using a different method (PEAP/MS-CHAPv2 if you must, EAP/TTLS if you can). So long as the Linksys can do EAP passthrough, you should be OK with these. Rgds, Guy
-----Original Message----- From: freeradius-users-bounces@lists.freeradius.org [mailto:freeradius-users-bounces@lists.freeradius.org] On Behalf Of Thierry Sent: 01 September 2005 10:25 To: freeradius-users@lists.freeradius.org Subject: Freeradius and Linksys WRT54GS
Hi,
I got a freeradius configured to handle LEAP authentication.
it works with a Cisco AP Cisco Airnet 1100: client 10.0.0.1 { secret = secret shortname = apcisco nastype = cisco }
But it fail for linksys WRT54GS:
client 192.168.1.1 { secret = secret shortname = linksys nastype = cisco }
I tried different nastype : With other or nastype commented, nothing happen after identity frames. With cisco nastype, LEAP didn't finish, AP does not send the last frame to respond to supplicant challenge.
Is there a specific nastype for Linksys ot this AP is bugged ? I tried with another RADIUS (SBR/Windows) with the same comportment.
Do you know other AP than cisco ones that permit 802.1X successfully with freeradius ?
Cordialement,
-- Thierry mailto:freeradius@yar-glah.org
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
This e-mail is private and may be confidential and is for the intended recipient only. If misdirected, please notify us by telephone and confirm that it has been deleted from your system and any copies destroyed. If you are not the intended recipient you are strictly prohibited from using, printing, copying, distributing or disseminating this e-mail or any information contained in it. We use reasonable endeavours to virus scan all e-mails leaving the Company but no warranty is given that this e-mail and any attachments are virus free. You should undertake your own virus checking. The right to monitor e-mail communications through our network is reserved by us.