EAP-TLS
Brian Ertel
bsertel at amherst.edu
Wed Jan 7 18:15:31 CET 2009
Hi,
I've modified the eap.conf, clients.conf, and users respectfully but am getting the below error when started radius:
Module: Loaded eap
eap: default_eap_type = "tls"
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: No EAP type configured, module cannot do anything.
radiusd.conf[10]: eap: Module instantiation failed.
radiusd.conf[1939] Unknown module "eap".
radiusd.conf[1886] Failed to parse authenticate section.
The following are the config's I made. Please let me know if you see anything that needs to change just to get radius start.
eap.conf
default_eap_type =tls
tls {
private_key_password = whatever
private_key_file = ${raddbdir}/certs/cert-srv.pem
certificate_file = ${raddbdir}/certs/cert-srv.pem
# Trusted Root CA list
CA_file = ${raddbdir}/certs/demoCA/cacert.pem
dh_file = ${raddbdir}/certs/dh
random_file = ${raddbdir}/certs/random
clients.conf
client 148.85.0.0/16 {
#
# The shared secret use to "encrypt" and "sign" packets between
# the NAS and FreeRADIUS. You MUST change this secret from the
# default, otherwise it's not a secret any more!
#
# The secret can be any string, up to 31 characters in length.
#
secret = XXXXXXX
#
# The short name is used as an alias for the fully qualified
# domain name, or the IP address.
#
shortname = WAPS
users
DEFAULT Auth-Type :=EAP
Tunnel-Type = "VLAN",
Tunnel-Medium-Type = "IEEE-802",
Tunnel-Private-Group-ID = "300",
Thanks,
Brian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090107/4d262e61/attachment.html>
More information about the Freeradius-Users
mailing list