eduroam PEAP + TTLS
legdf at hotmail.com
Mon Jun 21 17:35:57 CEST 2010
Thank you so much, you were right, once more as it seems, I've just downgraded samba to native version (3.2.5) on my Debian Lenny and it works !
I had'nt managed to have samba 3.2.5 working the first time so I have tried 3.5.3 but with the same .conf, it works perfectly.
> Date: Mon, 21 Jun 2010 16:46:05 +0200
> From: aland at deployingradius.com
> To: freeradius-users at lists.freeradius.org
> Subject: Re: eduroam PEAP + TTLS
> Jean-Philippe Ghibaudo wrote:
> > I need to have EAP-TTLS working with LDAP bind and PEAP-MSCHAPV2 with
> > Samba + Winbind + Active Directory.
> That should be possible. Follow the guides, and it should work.
> > I've got winbind very unstable... I can successfully authenticate using
> > eapol_test but a few minutes later, I've got a
> > MPPE keys mismatch. If I restart winbind, I can authenticate few times
> > and then, it stops working.
> That sounds like a Samba problem. See
> > I'm not really sure to understand how I have to set "Auth-Type" in
> > inner-tunnel and/or default (sites-enabled).
> Don't. Leave the defaults alone. Only make the changes which are
> recommended by the guides (e.g. deployingradius.com)
> > I've got :
> > in the authenticate section. I've got mschap then ldap in authorize section.
> > Is there a mistake here ?
> > This is the end of the output of eapol_test for PEAP when it fails :
> > EAP-MSCHAPV2: Invalid authenticator response in success request
> It looks like that Samba bug.
> Alan DeKok.
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hotmail : Simple et Efficace qui vous facilite la vie… Découvrez la NOW génération !
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Freeradius-Users