problem in configuring PEAP on freeRADIUS1.1.2
sukhvinder kumar
sukhvinder_78 at yahoo.co.in
Thu Jul 6 11:06:42 CEST 2006
Generate certificates and then Configure eap.conf,
it'll work.
Regards.
sukhvinder
--- Pradeep Sengar <pradeep.sengar at gmail.com> wrote:
> Hi,
> I m running freeRADIUS 1.1.2. Trying to run it for
> PEAP authentication and
> made few changes in radiusd.conf,eap.conf & users
> files in
> /usr/local/etc/raddb/ directory.
> on running freeradius in debugging mode by typing
> "radiusd -x" on command
> prompt it gives this output:
>
> [root at localhost ~]# radiusd -x
> Starting - reading configuration files ...
> Using deprecated naslist file. Support for this
> will go away soon.
> Module: Loaded exec
> rlm_exec: Wait=yes but no output defined. Did you
> mean output=none?
> Module: Instantiated exec (exec)
> Module: Loaded expr
> Module: Instantiated expr (expr)
> Module: Loaded PAP
> Module: Instantiated pap (pap)
> Module: Loaded CHAP
> Module: Instantiated chap (chap)
> Module: Loaded MS-CHAP
> Module: Instantiated mschap (mschap)
> Module: Loaded System
> Module: Instantiated unix (unix)
> Module: Loaded eap
> rlm_eap: Loaded and initialized type md5
> rlm_eap: Loaded and initialized type leap
> rlm_eap: Loaded and initialized type gtc
> rlm_eap_tls: Loading the certificate file as a chain
> rlm_eap: SSL error error:0200100E:system
> library:fopen:Bad address
> rlm_eap_tls: Error reading certificate file
> rlm_eap: Failed to initialize type tls
> radiusd.conf [10]: eap: Module instantiation failed.
> radiusd.conf[1920] Unknown module "eap".
> radiusd.conf[1867] Failed to parse authenticate
> section.
>
>
>
>
> I am attaching radiusd.conf,clients.conf,eap.conf
> and users files here.
> Plz tell me also how to mention network in
> clients.conf. Do i need to
> install openssl before running freeradius server?
>
> I m pasting my files below here:
> xxxxxxxxxxxx
> radiusd.conf
> xxxxxxxxxxxx
> ## radiusd.conf -- FreeRADIUS server
> configuration file.
>
>
> prefix = /usr/local
> exec_prefix = ${prefix}
> sysconfdir = ${prefix}/etc
> localstatedir = ${prefix}/var
> sbindir = ${exec_prefix}/sbin
> logdir = ${localstatedir}/log/radius
> raddbdir = ${sysconfdir}/raddb
> radacctdir = ${logdir}/radacct
>
> # Location of config and logfiles.
> confdir = ${raddbdir}
> run_dir = ${localstatedir}/run/radiusd
>
>
> log_file = ${logdir}/radius.log
>
>
> libdir = ${exec_prefix}/lib
>
>
>
> pidfile = ${run_dir}/radiusd.pid
>
>
>
> #user = nobody
> #group = nobody
>
> # max_request_time: The maximum time (in seconds)
> to handle a request.
> #
>
> # Useful range of values: 5 to 120
> #
> max_request_time = 30
>
>
>
> delete_blocked_requests = no
>
>
>
> cleanup_delay = 5
>
>
>
> max_requests = 1024
>
>
>
> bind_address = *
>
>
>
> port = 0
>
> hostname_lookups = no
>
>
> allow_core_dumps = no
>
>
> regular_expressions = yes
> extended_expressions = yes
>
>
> log_stripped_names = no
>
>
> log_auth = no
>
> log_auth_badpass = no
> log_auth_goodpass = no
>
>
> usercollide = no
>
>
> lower_user = no
> lower_pass = no
>
>
> nospace_user = no
> nospace_pass = no
>
> # The program to execute to do concurrency checks.
> checkrad = ${sbindir}/checkrad
>
> # SECURITY CONFIGURATION
>
> security {
>
> max_attributes = 200
>
>
> reject_delay = 1
>
>
> status_server = no
> }
>
>
> proxy_requests = yes
> $INCLUDE ${confdir}/proxy.conf
>
>
> # CLIENTS CONFIGURATION
>
> $INCLUDE ${confdir}/clients.conf
>
>
> # SNMP CONFIGURATION
>
> snmp = no
> $INCLUDE ${confdir}/snmp.conf
>
>
> # THREAD POOL CONFIGURATION
>
> thread pool {
>
> start_servers = 5
>
>
> max_servers = 32
>
>
> min_spare_servers = 3
> max_spare_servers = 10
>
> max_requests_per_server = 0
> }
>
> # MODULE CONFIGURATION
>
> modules {
>
>
>
> pap {
> encryption_scheme = crypt
> }
>
=== message truncated ===> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
__________________________________________________________
Yahoo! India Answers: Share what you know. Learn something new
http://in.answers.yahoo.com/
More information about the Freeradius-Users
mailing list