Need help setting up PEAP authentication

Reynald Borer r.borer at citycable.ch
Wed Jul 19 16:55:03 CEST 2006


Hi,

I'm trying to setup freeradius to authenticate users of my wireless
networks and I'm facing some problems. I've tried to follow the guide
located at http://www.tldp.org/HOWTO/8021X-HOWTO/ , which explains
exactly the setup I would like (that is, authentication with username /
password credentials).

So I've setup freeradius like explained (I've already have everything
needed for ssl, CA root certificate and server certificate), and I've
configured my access point to use my radius server.

So when I try to login, for example with wpa_supplicant, it tolds me
that authentication with MSCHAPv2 went ok, and then 30 seconds later it
says "Authentication timed out", and it tries to re authenticate. So I'm
able to use my wireless network 30 seconds only (for example if I start
up a dhcp client then I get an IP) before I'm re authenticated.

I've also tried with a Windows XP client, and it continues asking me my
credentials.

Here is what is displayed in the logs (without verbose mode):
Error:     TLS_accept:error in SSLv3 read client certificate A
Error: rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
Error: rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
Info: rlm_eap_mschapv2: Issuing Challenge

So does someone have a working freeradius configuration to share with me
? Or some tips to get it working ?

Thanks in advance,

Reynald Borer

P.S: I'm using debian so I've recompiled freeradius to link against libssl
P.S2: I've attached my freeradius config files (modified parts only).
Complete files are available at
http://www.borer.name/files/index.php?dir=radius/

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: eap.conf
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060719/a2f5de22/attachment.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: radiusd.conf
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060719/a2f5de22/attachment-0001.ksh>


More information about the Freeradius-Users mailing list