Freeradius + TLS for Wifi networks

[Kris Benson]

mmoonshi at commgate.net on August 3, 2005 at 03:51 -0800 wrote:
>However, I noticed that we have had multiple dropped connections from
>Windows XP Pro with the Planet WAP-4000 and 3Com Office Connect Wireless
>Access Points every 30 to 45 minutes but the freeradius server logs does
>not show any errors.

Remember: the logs only show what is sent to the radius server -- if the
WAP doesn't send an accounting packet or authentication packet, nothing
will be in your logs.
>
>I don't think this is a freeradius issue but I need to verify with
>someone that this is not a radius related problem. 
>
It doesn't sound like it is.
>
>Is there any configuration parameters within freeradius that I can tweak
>to debug and check that radius is not the one causing this problem?

Well, if you start radius like so: "radiusd -X" it will output debug info
to stdout.  It's rather complete information, but it only starts one
process and may cause more output than you really want.
>
>Logically, I don't think it's a radius issue but I might be wrong.

The only way it's a radius issue is if the machine is trying to
reauthenticate, and radius is denying it the second time.  Of course, this
would show up in the radius logs if your AP was doing the right thing.
>
>If there is anyone that would like to get a copy of our RADIUS + TLS
>HOWTO documentation with to find out how we did this integration, please
>send me a personal email and I will send the PDF copy over.

I'd love to see your documentation -- we're in the process of writing our
own now, and anything that might have some more "gotchas" is good.

-kb
--
Kris Benson, CCP, I.S.P.
Technical Analyst, District Projects
School District #57 (Prince George)