eap-ttls + PAP using Crypt-Password obtained by ldap

Florian Prester Florian.Prester at rrze.uni-erlangen.de
Fri Aug 12 09:17:51 CEST 2005


Alan DeKok wrote:

>Florian Prester <Florian.Prester at rrze.uni-erlangen.de> wrote:
>  
>
>>I configured as you told, but I still get an error at the freeradius:
>>    
>>
>
>  You haven't shown the contents of the packet.
>
>  
>
>>Thu Aug 11 17:06:02 2005 : Auth: rlm_pap: Attribute "Password" is 
>>required for authentication.
>>    
>>
>
>  You've told the server to do PAP authentication, but there's no
>password in the request.  Don't do that.
>
>  
>
>>I added "DEFAULT                Auth-Type := pap" at the end of the 
>>users-file, without it wants to use ldap-authentication!
>>    
>>
>
>  Which ALSO forces the server to do PAP when it receives an EAP
>request.
>
>  Solution:
>
>  1) read "man users"
>  2) change := to =
>
>  Alan DeKok.
>- 
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>  
>
ok, after I set ":=" to "=" the radius is trying to do EAP with md5.
So I think the wpa_supplicant is telling the radius to do so. Which of 
course need an Password-attribute.

So back again to the wpa_supplicant-configuration, how do I configure 
EAP-TTLS with PAP as inner authentication?

thanks
for all the help.

Florian Prester



-- 
--------------------------------------------------------------
Dipl. Inf. Florian Prester
Network Administration
Regionales RechenZentrum Erlangen
Universitaet Erlangen-Nuernberg
Germany

Tel.: +499131 8527813




More information about the Freeradius-Users mailing list