[help] Mikrotik WDS + WPA2-EAP TLS + FreeRadius = failure
Alan DeKok
aland at deployingradius.com
Fri Sep 17 11:11:28 CEST 2010
Denis Iskandarov wrote:
> Hello
> I'm trying to do WDS WPA2-EAP TLS authentication of 2 RB600
> Simple WDS AP+station without EAP is working.
> I've already searched forum for related topics. but they didn't help me.
...
What supplicant are you using? i.e. Windows? Linux?
> AP bridge security profile and rad. server:
>
> [admin at RB600_test1] > /radius print
Please don't post that. The FAQ and documentation say what is
needed. Posting more isn't requested, and isn't necessary.
> Here's debug of radius:
> It's says that it can't identify username. what should i write in db
> as username? as i knew EAP-TLS is using certificate authentication
> without usernames and passwords like EAP-TTLS is doing.
The supplicant is broken. It's sending an EAP-Identity field with no
data:
> rad_recv: Access-Request packet from host 192.168.0.22 port 41953,
> id=93, length=201
...
> EAP-Message = 0x0200000501
This is an EAP Identity packet, saying that the identity is empty.
Make sure that the supplicant send a name in the identity field.
Alan DeKok.
More information about the Freeradius-Users
mailing list