802.1x problems

tnt at kalik.net tnt at kalik.net
Thu Jan 15 20:36:00 CET 2009

>I am having some issues with setting up 802.1x using
>freeradius-server-2.1.1-2.el5. I have 3 SSIDs setup. One of them is
>doing Mac Auth against a file. One is using ldap auth and the other is
>setup to use 802.1x. Mac auth and ldap auth works great so I know my
>ldap config in radius should be setup correctly. It looks like the
>authorize part of 802.1x works but it fails during the authenticate
>part. Does anyone see what I have messed up? I am sure it is something
>simple that I am overlooking. I am using windows xp sp3 to try to
>connect to this network. My wireless network is all Cisco LWAPP AP's
>connecting to Cisco WLAN controllers and we use Cisco WCS to manage
>all of these devices. I am trying to setup a secure network using wpa
>and wpa2 with 802.1x using eap-peap.
>The message
>'WARNING: No "known good" password was found in LDAP.  Are you sure that the user is configured correctly?'
>shows up also on the non-802.1x ldap auth wlan that works. Let me know
>if more detail is needed.

Where is his password supposed to be? Ldap auth can't work with mschap,
so you need to send the password to freeradius. You need to enable ldap
instances in inner-tunnel virtual server (that will be doing mschap

Ivan Kalik
Kalik Informatika ISP

More information about the Freeradius-Users mailing list