FreeRADIUS with PEAP problems
Alhagie Puye
APuye at datawave.com
Tue Jan 3 00:22:09 CET 2006
________________________________
From: freeradius-users-bounces+apuye=datawave.com at lists.freeradius.org on behalf of Alhagie Puye
Sent: Mon 1/2/2006 3:43 PM
To: FreeRadius users mailing list
Subject: RE: FreeRADIUS with PEAP problems
________________________________
From: freeradius-users-bounces+apuye=datawave.com at lists.freeradius.org on behalf of Alan DeKok
Sent: Mon 1/2/2006 2:28 PM
To: FreeRadius users mailing list
Subject: Re: FreeRADIUS with PEAP problems
Ok, I found what the problem is....thanks to Zoltan. The last "}" should have been before the "peap" section. I had accidentally placed the "peap" section inside the "tls" section.
I have changed the eap.conf file to look like this now and it works fine.
eap {
default_eap_type = peap
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
tls {
private_key_password = whatever
private_key_file = ${raddbdir}/certs/freebsd.puyenet.com.pem
certificate_file = ${raddbdir}/certs/freebsd.puyenet.com.pem
CA_file = ${raddbdir}/certs/root.pem
dh_file = ${raddbdir}/certs/dh
random_file = ${raddbdir}/certs/random
}
peap {
default_eap_type = mschapv2
}
mschapv2 {
}
}
Thanks everybody that give me a hand.
Alhagie.
Thanks Alan for the reply. The "peap" section was already uncommented.
Here is exactly what my eap.conf file looks like (I have removed every line that is commented)
eap {
default_eap_type = peap
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
tls {
private_key_password = whatever
private_key_file = ${raddbdir}/certs/freebsd.puyenet.com.pem
certificate_file = ${raddbdir}/certs/freebsd.puyenet.com.pem
CA_file = ${raddbdir}/certs/root.pem
dh_file = ${raddbdir}/certs/dh
random_file = ${raddbdir}/certs/random
peap {
default_eap_type = mschapv2
}
mschapv2 {
}
}
}
Thanks,
Alhagie.
"Alhagie Puye" <APuye at datawave.com> wrote:
> rlm_eap: Loaded and initialized type tls
> rlm_eap: No such sub-type for default EAP type peap
Try reading eap.conf, and uncommenting the "peap" section.
I'm not sure how to make that error message more descriptive, or
update the comments in eap.conf so that people will *read* them.
Alan DEKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
This message (including any attachments) is confidential, may be privileged and is only intended for the person to whom it is addressed. If you have received it by mistake please notify the sender by return e-mail and delete this message from your system. Any unauthorized use or dissemination of this message in whole or in part is strictly prohibited. E-mail communications are inherently vulnerable to interception by unauthorized parties and are susceptible to change. We will use alternate communication means upon request.
This message (including any attachments) is confidential, may be privileged and is only intended for the person to whom it is addressed. If you have received it by mistake please notify the sender by return e-mail and delete this message from your system. Any unauthorized use or dissemination of this message in whole or in part is strictly prohibited. E-mail communications are inherently vulnerable to interception by unauthorized parties and are susceptible to change. We will use alternate communication means upon request.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060102/7d8dd1a0/attachment.html>
More information about the Freeradius-Users
mailing list