802.1x and LDAP

Kris Benson kbenson at sd57.bc.ca
Fri Aug 19 23:07:21 CEST 2005


FreeRadius users mailing list <freeradius-users at lists.freeradius.org> on
August 19, 2005 at 10:54 -0800 wrote:
>With each of these I still have the problem where the Access-Request  
>packet doesn't contain a User-Password attribute. I am guessing that  
>there is something very fundamental that I am not understanding..  
>like "there isn't supposed to be a User-Password attribute coming  
>from the AP" but if that's the case then I really don't understand  
>how we authenticate against the LDAP directory without a password.

Hi there,

Do some reasearch on configuring TTLS with FreeRadius -- there's a howto
around somewhere.  Once you get TTLS/PAP working (with the auth info in
the users file), you can easily make LDAP work.

An understanding of the tunnelling system used with most 802.1x auth
protocols would be helpful for you -- the trouble is that the password is
inside the tunnel, and your FreeRadius config isn't understanding your
tunnel.

-kb
--
Kris Benson, CCP, I.S.P.
Technical Analyst, District Projects
School District #57 (Prince George)




More information about the Freeradius-Users mailing list