Re : Anyone using dd-wrt for AP?
The settings below will help: SETUP Internet connection: IP on WAN Under Optional Settings Host Name: MyWireless (Name of your client-AP) Domain Name: yourdomain.com (Your own domain) MTU: Auto Under Network Setup Router Local IP: 192.168.1.1 Subnet: 255.255.255.0 Gateway: 0.0.0.0 DHCP DHCP Server: enabled WIRELESS Under Basic settings; Wireless mode: AP wireless Network Mode: Mixed Wireless Network Name: MyWireless (Name of your client-AP) Wireless Channel: 11-2.462GHz Wireless SSID Broadcast: enable Sensitivity Range: 2000 Under Radius MAC Radius Client: enable MAC format : aabbcc-ddeeff Radius Server Address: your radius server IP Radius Server port: 1812 MUU: Password format: shared key Radius shared secret: the secret of your cliet (AP) Wireless Security Security Mode: WPA Radius WPA Algorithms: TKIP+AES Radius Server Address: Your radius server IP Radius Server port: 1812 WPA shared key: the secret of your cliet (AP) key renewal interval: 3600 ADMINISTRATION management Routing: enable 802.1x : enable Make sure you have your client(AP) information in radius: client.conf ( AP IP , MyWireless, Shared Key) configure eap.conf and radius.conf as well. All the best. ================================================== Benjamin K. Eshun ----- Message d'origine ---- De : Ian Truelsen <ian.truelsen@gmail.com> À : FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Envoyé le : Dimanche, 1 Avril 2007, 3h56mn 39s Objet : Anyone using dd-wrt for AP? I am trying to set up dd-wrt to use freeradius for authentication with EAP-TLS, however, I have run into a problem: there doesn't seem to be an option under the WPA encryption system for entering the freeradius secret. If anyone has got this working, can you let me know the where and how? The dd-wrt forums have been pretty silent on the issue. -- Ian Truelsen s/v Sting Email: ian.truelsen@gmail.com AIM: ihtruelsen MSN: ihtruelsen@hotmail.com Google Talk: ian.truelsen@gmail.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html ___________________________________________________________________________ Découvrez une nouvelle façon d'obtenir des réponses à toutes vos questions ! Profitez des connaissances, des opinions et des expériences des internautes sur Yahoo! Questions/Réponses http://fr.answers.yahoo.com
On Mon, 2007-04-02 at 08:40 +0000, Eshun Benjamin wrote:
The settings below will help: snip
Make sure you have your client(AP) information in radius: client.conf ( AP IP , MyWireless, Shared Key) configure eap.conf and radius.conf as well.
All the best.
Thanks, but I am still having some problems. I have the settings as you sent me, set up in the router. I have set both the radius secret on the radius section of the router setup and the WPA secret in the security section of the router as the same, namely: testing456. Now, I have this in my clients.conf: client 192.168.1.115/24 { nastype = other secret = testing456 shortname = dd-wrt } However, when I try to connect using this router, I get the following from the output of radiusd -X: Ready to process requests. rad_recv: Access-Request packet from host 192.168.3.115:3078, id=0, length=137 Received packet from 192.168.3.115 with invalid Message-Authenticator! (Shared secret is incorrect.) Dropping packet without response. Finished request 0 I am sure that I am doing something basic wrong, but I can't see it. Hopefully, some other eyes will spot the problem. Let me know if you need any more information. -- Ian Truelsen s/v Sting Email: ian.truelsen@gmail.com AIM: ihtruelsen MSN: ihtruelsen@hotmail.com Google Talk: ian.truelsen@gmail.com
Ian Truelsen wrote: ....
Now, I have this in my clients.conf: client 192.168.1.115/24 { nastype = other secret = testing456 shortname = dd-wrt }
However, when I try to connect using this router, I get the following from the output of radiusd -X:
Ready to process requests. rad_recv: Access-Request packet from host 192.168.3.115:3078, id=0, length=137
You posted the client configuration for 192.168.1.X, and are sending a request from 192.168.3.X. Look in "clients.conf" for a section defining client 192.168.3.X.
Received packet from 192.168.3.115 with invalid Message-Authenticator! (Shared secret is incorrect.) Dropping packet without response. Finished request 0
That's definitive. The shared secret is wrong. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog
participants (3)
-
Alan DeKok -
Eshun Benjamin -
Ian Truelsen