802.1x problems

tnt at kalik.net tnt at kalik.net
Thu Jan 15 20:36:00 CET 2009


>I am having some issues with setting up 802.1x using
>freeradius-server-2.1.1-2.el5. I have 3 SSIDs setup. One of them is
>doing Mac Auth against a file. One is using ldap auth and the other is
>setup to use 802.1x. Mac auth and ldap auth works great so I know my
>ldap config in radius should be setup correctly. It looks like the
>authorize part of 802.1x works but it fails during the authenticate
>part. Does anyone see what I have messed up? I am sure it is something
>simple that I am overlooking. I am using windows xp sp3 to try to
>connect to this network. My wireless network is all Cisco LWAPP AP's
>connecting to Cisco WLAN controllers and we use Cisco WCS to manage
>all of these devices. I am trying to setup a secure network using wpa
>and wpa2 with 802.1x using eap-peap.
>
>The message
>
>'WARNING: No "known good" password was found in LDAP.  Are you sure that the user is configured correctly?'
>
>shows up also on the non-802.1x ldap auth wlan that works. Let me know
>if more detail is needed.
>

Where is his password supposed to be? Ldap auth can't work with mschap,
so you need to send the password to freeradius. You need to enable ldap
instances in inner-tunnel virtual server (that will be doing mschap
auth).

Ivan Kalik
Kalik Informatika ISP




More information about the Freeradius-Users mailing list