Linksys WIFI Authentication using freeradius?

Michel Bulgado michel at casa.co.cu
Thu Dec 8 22:11:34 CET 2011


  On 12/07/2011 08:37 AM, Michel Bulgado wrote:
> On Wednesday 07 December 2011 01:26:08 Fajar A. Nugraha
> wrote:
>> On Wed, Dec 7, 2011 at 1:15 PM,<michel at casa.co.cu>  wrote:
>>> google search and it turns out all the variations I have
> encountered are
>>> implementing freeradius with PEAP TLS and mysql which
> should generate
>>> certificates and then configure the client and in turn install
> these
>>> certificates to the exchange between the server and client.
>>>
>>> I was wondering, there is some other simpler way that does
> not imply that
>>> this set up or install certificates on the client side?
>> PEAP-TTLS, PEAP-MSCHAPv2, PEAP-GTC, etc.
>>
>> On these setup there's only one certificate: the server.
> Depending on
>> your OS/supplicant, the client can be set up to ignore the
> certificate
>> validation, or to have a pop up asking whether they trust the
> server
>> certicate.
>>
>> Note that the CLIENT choose which authentication method to
> use. Setup
>> on NAS (i.e. access point) side is the same.
>>
>>> Well, I have several clients with different operating systems:
> Windows,
>>> Linux, Apple.
>>>
>>> Something as simple as putting the username and password.
>> Once you get pass certificate trust issue, it's a matter of putting
>> username and password.
>>
> Hi Fajar
>
> Thanks for reply me.
>
> If PEAP-TTLS, PEAP-MSCHAPv2, PEAP-GTC works with one
> certificate on the side of the server, of the three methods  what
> you recomend me to use in the server?
>
> Did you have a manual, doc, i can use to setting up the
> authentication with freeradius with PEAP-TTLS or PEAP-MSCHAPv2
> or  PEAP-GTC and mysql?
>
> Michel
>

At last!

Finally after much struggle, I configure freeradius with mysql to 
authenticate wireless users.

EAP-TTLS

But another problem arises for me:

After the user to authenticate and connect to wireless, I noticed that 
the table "RadAcct" was empty, probing the inner-tunnel file found this:

There are no accounting Requests inside of EAP-TTLS or PEAP tunnels.

What other variants, I can choose to run the accounting?

Ideas?




More information about the Freeradius-Users mailing list