FreeRADIUS + OpenLDAP + NAS (it´s make me crazy!!!please HELP!!!)

Alan DeKok aland at deployingradius.com
Wed Mar 19 08:03:54 CET 2008


Koko Kurniawan wrote:
> why my freeradius server can´t detect the password that i write on the
> client?

  Because the password is NOT in the RADIUS packet.  Go read it: no
"User-Password" attribute.

> rad_recv: Access-Request packet from host 10.10.53.100:1812, id=76,
> length=83
>         User-Name = "htrisnadi"
>         Framed-MTU = 1400
>         NAS-Port-Type = Wireless-802.11
>         EAP-Message = 0x0201000e0168747269736e616469

  EAP is an authentication protocol that does not send the password from
the client to the server.

> auth: type "LDAP"

  You forced "Auth-Type := LDAP".  DO NOT DO THAT.

  Please explain WHY you are doing this, and WHERE in the documentation
(or web pages) it said to do this.

> There is no User-Password in there.
> Should i change the configuration? in which file?

  Do NOT set Auth-Type.  If LDAP has a clear-text password available for
the user, FreeRADIUS will figure out how to authenticate the user.

  Alan DeKok.



More information about the Freeradius-Users mailing list