Alan,
Find out which module is blocking the server, and why.
Okay, here is a newbie question: How do I do this? The embedded network controller is should be able to support upto 50 concurrent wireless clients using WPA2-PEAP. Here is my config: (One thing that struck me as I was copying the config here is that I probably need to disable proxying because the set up does not proxy any requests) ========= clients.conf =============== client localhost { ipaddr = 127.0.0.1 secret = testing123 require_message_authenticator = no nastype = other } client 192.168.0.232/24 { secret = testing123 shortname = test-net } ========= radiusd.conf ========= prefix = /usr exec_prefix = ${prefix} sysconfdir = ${prefix}/etc localstatedir = /tmp sbindir = ${exec_prefix}/sbin logdir = ${localstatedir} raddbdir = ${sysconfdir}/raddb radacctdir = ${logdir}/radacct name = radiusd # Location of config and logfiles. confdir = ${raddbdir} run_dir = ${localstatedir} # Should likely be ${localstatedir}/lib/radiusd db_dir = ${raddbdir} libdir = ${exec_prefix}/lib pidfile = ${run_dir}/${name}.pid max_request_time = 30 cleanup_delay = 5 max_requests = 1024 listen { type = auth ipaddr = * port = 0 } listen { ipaddr = * port = 0 type = acct } hostname_lookups = no # Core dumps are a bad thing. This should only be set to 'yes' # if you're debugging a problem with the server. # # allowed values: {no, yes} # allow_core_dumps = no # Regular expressions # # These items are set at configure time. If they're set to "yes", # then setting them to "no" turns off regular expression support. # # If they're set to "no" at configure time, then setting them to "yes" # WILL NOT WORK. It will give you an error. # regular_expressions = yes extended_expressions = yes # # Logging section. The various "log_*" configuration items # will eventually be moved here. # log { destination = files file = ${logdir}/radius.log syslog_facility = daemon stripped_names = no auth = no auth_badpass = no auth_goodpass = no } # The program to execute to do concurrency checks. checkrad = ${sbindir}/checkrad security { max_attributes = 200 reject_delay = 1 status_server = yes } proxy_requests = yes $INCLUDE proxy.conf $INCLUDE clients.conf thread pool { start_servers = 5 max_servers = 64 min_spare_servers = 3 max_spare_servers = 10 max_requests_per_server = 0 } modules { $INCLUDE ${confdir}/modules/ $INCLUDE eap.conf } instantiate { exec expr expiration logintime } $INCLUDE policy.conf $INCLUDE sites-enabled/ ========= eap.conf ========= eap { default_eap_type = peap timer_expire = 60 ignore_unknown_eap_types = no cisco_accounting_username_bug = no max_sessions = 2048 md5 { } leap { } gtc { challenge = "Password: " } tls { certdir = ${confdir}/certs cadir = ${confdir}/certs private_key_password = whatever private_key_file = ${certdir}/server.pem certificate_file = ${certdir}/server.pem CA_file = ${cadir}/ca.pem dh_file = ${certdir}/dh random_file = ${certdir}/random cipher_list = "DEFAULT" make_cert_command = "${certdir}/bootstrap" cache { enable = no lifetime = 24 # hours max_entries = 255 } } ttls { default_eap_type = md5 copy_request_to_tunnel = no use_tunneled_reply = no virtual_server = "inner-tunnel" } peap { default_eap_type = mschapv2 copy_request_to_tunnel = no use_tunneled_reply = no virtual_server = "inner-tunnel" } mschapv2 { } }