Problem with Freeradius+LDAP+wifi

Thibault Le Meur Thibault.LeMeur at supelec.fr
Tue Jan 16 14:10:55 CET 2007


> > Could you post this file ?
> 
> I have only:
> 
> eap {
> 
> 
>     default_eap_type = tls
> 
> 
>     tls {
> 
> 
>     tls_cacertfile = /etc/freeradius/cert/ca.pem
> 
> 
>     tls_certfile = /etc/freeradius/cert/radius.crt
> 
> 
> 
>                          tls_keyfile = /etc/freeradius/cert/radius.key
> 
> 
>     }
> 
> 
> }

You're lacking the peap sub part:
                 peap {
                        #  The tunneled EAP session needs a default
                        #  EAP type which is separate from the one for
                        #  the non-tunneled EAP module.  Inside of the
                        #  PEAP tunnel, we recommend using MS-CHAPv2,
                        #  as that is the default type supported by
                        #  Windows clients.
                        default_eap_type = mschapv2

                        #  the PEAP module also has these configuration
                        #  items, which are the same as for TTLS.
                        copy_request_to_tunnel = yes
                        use_tunneled_reply = yes

                        #  When the tunneled session is proxied, the
                        #  home server may not understand EAP-MSCHAP-V2.
                        #  Set this entry to "no" to proxy the tunneled
                        #  EAP-MSCHAP-V2 as normal MSCHAPv2.
                #       proxy_tunneled_request_as_eap = yes
                }



Why have you deleted this entry? When you don't want to use a feature, just
comment the section it'll make it easier to update the configuration in the
future.

> 
> BR,
> 
> Rafal Kaminski

HTH,
Thibault





More information about the Freeradius-Users mailing list