an infamous LDAP-FreeRadius question

Matt Ashfield mda at unb.ca
Wed Jul 12 15:27:51 CEST 2006


Well, I think my TLS session is getting created. From what I can tell, it's
the password part of it that's hurting me. I've attached output of my radius
server debugging and my eap.conf file as well in hopes that someone could
tell me what I'm doing wrong.

Any helpful comments are appreaciated.

Thanks

Matt
mda at unb.ca 


-----Original Message-----
From: Zoltan Ori [mailto:z.ori at morehead-st.edu] 
Sent: July 11, 2006 12:33 PM
To: mda at unb.ca; 'FreeRadius users mailing list'
Subject: Re: an infamous LDAP-FreeRadius question

On Tuesday 11 July 2006 10:10, Matt Ashfield wrote:
> When I try to connect via 802.1x from a wireless client my Radius server
> debgging looks like below. Obviously the TLS session is not being setup
> correctly. I'm wondering about the private_key_password attribute. I just
> set it to "whatever" but that needs to correspond to a user on the LDAP
> server doesn't it? I'm not sure that's been set up.

You might try not using an ldaps connection if your LDAP server allows it. 
Comment out all the TLS in the ldap section. This TLS/SSL connection to your

LDAP server is a separate issue from 802.1x. That's just between the RADIUS 
server and LDAP. Once you've got everything else going, go back and work
with 
the ldaps. 

The main thing is to change only one thing at a time. Then you'll know
exactly 
what broke it and what didn't. I believe you had LDAP working before, didn't

you?

Zoltan Ori
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: radius_output.txt
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060712/8d38eb51/attachment.txt>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: eap_conf.txt
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060712/8d38eb51/attachment-0001.txt>


More information about the Freeradius-Users mailing list