FreeRadius and Openldap authentication

Zoltan A. Ori z.ori at morehead-st.edu
Mon Jan 2 12:50:53 CET 2006


On Monday 02 January 2006 05:46, rwakim at mind-techno.fr wrote:

> Here is my problem:
>
> When I start the radtest binary:
>
> 	radtest "test" "supersecret" localhost 2 testing123
>

> 	rad_recv: Access-Reject packet from host 127.0.0.1:1812, id=45,
> length=20
>

You have set your server to do EAP. radtest does not do EAP use radeapclient 
for testing.

>
> Here is the log on the radius server (Started with radiusd -X):
>

> rlm_ldap: looking for reply items in directory...
> rlm_ldap: Adding radiusFilterId as Filter-Id, value
> Enterasys:version=1:policy=Enterprise User & op=11
> rlm_ldap: user test authorized to use remote access
> rlm_ldap: ldap_release_conn: Release Id: 0
>   modcall[authorize]: module "ldap" returns ok for request 3
> modcall: group authorize returns ok for request 3

LDAP seems to be working.


> The RADIUS users file:
>
> DEFAULT         Auth-Type := EAP
>                 Fall-Through = 1
> #               Reply-Message = "LDAP"
>
>
>

Don't set Auth-Type in the users file. Let the server figure it out.

> I would be grateful if you had a how-to or tutorial on how to build a
> easy and working 802.x authentication with a Radius/LDAP system.

Documentation and how-tos are available in your source doc directory, 
www.freeradius.org and wiki.freeradius.org.

Zoltan Ori




More information about the Freeradius-Users mailing list