log file for free radius 1.1.6 eap-tls authentication

anoop_c at sifycorp.com anoop_c at sifycorp.com
Wed May 30 10:52:54 CEST 2007


Hi
   I am getting the following message
in log first it satatrts (radiud -X)

[root at localhost radius]# cat radius.log
Wed May 30 11:24:14 2007 : Info: Using deprecated naslist file.  Support for this will go away soon.
Wed May 30 11:24:14 2007 : Info: rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Wed May 30 11:24:14 2007 : Info: rlm_eap_tls: Loading the certificate file as a chain
Wed May 30 11:24:14 2007 : Info: Ready to process requests.

But if again start the server no logs and nothing other than this is coming in the log.

 regarding users file in navisradius i uesd to do that in EAP_TLS thats why i asked.

Regards
Anoop
--
> 
> Message: 5
> Date: Tue, 29 May 2007 09:42:52 +0100
> From: <tnt at kalik.co.yu>
> Subject: Re: log file for free radius 1.1.6 eap-tls authentication
> To: \"FreeRadius users mailing list\"
> 	<freeradius-users at lists.freeradius.org>
> Message-ID: <g9b0RimS.1180428172.8965940.tnt at kalik.co.yu>
> Content-Type: text/plain; charset=ISO-8859-2
> 
> 1. That\'s not how certificates work. You add those that you want to
> PREVENT from connecting (for whatever reason) to Certificate Revocation
> List (CRL). You suposedly do have control over who are certificates
> issued to. If you have no control over CA then you shouldn\'t be using
> them.
> 
> 2. Is anything (reading config files etc.) written to the log when you
> restart the server?
> 
> Ivan Kalik
> Kalik Informatika ISP
> 
> 
> Dana 29/5/2007, \"anoop_c at sifycorp.com\" <anoop_c at sifycorp.com> pi?e:
> 
> >Hi
> >   1 I know its eap-tls and certificate based.
> >Earlier i was using Navis radius .In that for eap-tls we have to add
> certificate name to  a specific user file.
> >     Like that here also user file is there can i make use of the user
> file so that only that user get authenticated,
> >
> >  2 Logs are not happening.In config changes required to get the same?
> >Regards
> >Anoop
> >
> >>
> >>
> >> Message: 2
> >> Date: Mon, 28 May 2007 15:07:06 +0100
> >> From: <tnt at kalik.co.yu>
> >> Subject: Re: log file for free radius 1.1.6 eap-tls authentication
> >> To: \"FreeRadius users mailing list\"
> >> 	<freeradius-users at lists.freeradius.org>
> >> Message-ID: <a8emGRAP.1180361226.4861000.tnt at kalik.co.yu>
> >> Content-Type: text/plain; charset=ISO-8859-2
> >>
> >> This is EAP-TLS. This user has a valid user certificate and is
> >> accepted.
> >> If you don\'t want to go via certificates but use user/password, use
> >> EAP-TTLS with MS-CHAPv2 (or PAP or any other auth protocol).
> >>
> >> Ivan Kalik
> >> Kalik Informatika ISP




More information about the Freeradius-Users mailing list