(Ruckus AP + CHAP + 802.1x EAP) + (FreeRadius + OpenLDAP) is possible? or need some magic?

Alan DeKok aland at deployingradius.com
Fri Jan 24 16:19:21 CET 2014


Jorge Pereira wrote:
>    I've in my labs the "Ruckus AP" with SSID setted with authentication
> "802.1x EAP" and encryption method "WPA2" / algorithm AES.
> but, my only option for "Auth Method" is CHAP (not ms-chap) or PAP! of
> course that in this case, my only way out is use "CHAP" (again, i don't
> have ms-chap in my AP)

  OK... you have too many acronyms in that sentence.  It means you're
focusing on them, and not understanding how the system works.

> my question is: could be possible authorize in my FreeRadius+OpenLdap?

  Yes.  FreeRADIUS can do 802.1X and LDAP.  It can do captive portal and
LDAP.

> because i'm looking by many weeks about some solutions and didn't found
> anything 

  Because you're looking for the wrong thing.

> that can solve my problem.... I heard something that need to add/create
> a new field in my openldap for store the "chap-password"... something
> like that!

  No.

> obs: if someone available to try clarify my ideas, and give some way...
> I'll be very grateful!! :)

  802.1X has nothing to do with AES, PAP, or CHAP.  That's the first
problem.

  Follow the EAP "howto" on my web site:

http://deployingradius.com/

  It WILL work.

  Once that works, update the server to get passwords from LDAP.

  Alan DeKok.


More information about the Freeradius-Users mailing list