Help needed with freeradius, solaris and trapeze

Guy Davies aguydavies at gmail.com
Mon Apr 28 21:56:55 CEST 2008


Hi Alan,

Erm... I'm using WPA2/AES that uses 802.1x to authenticate the user
:-)  WPA2/TKIP is a strange choice (if not technically invalid).
Normally, folks go for WPA/TKIP or WPA2/AES.

Anyway, back to Miguel's question...

I have not used Trapeze kit for a couple of years but I have used it
in the past with FreeRADIUS (and derived RADIUS servers).

You need to tell us which EAP method you plan to use.  If you are
using local users, you can take your pick from EAP-TTLS/PAP or
PEAP/MS-CHAPv2.  If you use the former, you can have the passwords
encrypted in the users file.  If you use the latter, the passwords
must be in clear text.

I believe that the default radius.conf and eap.conf files will work
automatically for either option.

Trapeze uses some VSAs to specify which VLAN a user should be
connected to, what time-of-day they can connect, etc.  Just look in
dictionary.trapeze and you'll see the options.  The Trapeze
documentation was always pretty good at explaining the purpose and
format of those VSAs.  You *MUST* include a VLAN-Name VSA when
responding to a Trapeze unit or it won't connect you to the correct
VLAN.

Rgds,

Guy

2008/4/28 Alan DeKok <aland at deployingradius.com>:
> Miguel Dias wrote:
>  > Can anyone help? I'm starting with WPA2 - TKIP and I would Like to
>  > configure FreeRadius to Authenticate some test users that I can create
>  > on freeradius.
>
>   WPA2 means that the access point isn't doing RADIUS authentication for
>  the users.
>
>
>  > please help really needed... Where should I start???
>
>   Configure 802.1x for the AP.  Don't use WPA2.
>
>   Alan DeKok.
>  -
>  List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>



More information about the Freeradius-Users mailing list