Freeradius with EAP and LDAP
jarkko.juntunen at bitkompisab.fi
Thu Dec 19 18:09:40 CET 2019
Thanks for Your advice. We have run Freeradius in debug mode couple of
hours and the problem seems to be ( at least in my opinion) missing of
password in case of EAP authentication. And the problem is that I have no
clue how to have Cleartext-password out of EAP-MSCHAP auth.
to 19. jouluk. 2019 klo 18.23 Marek Zarychta (zarychtam at plan-b.pwste.edu.pl)
> W dniu 19.12.2019 o 17:09, Juntunen, Jarkko pisze:
> We have Freeradius server 3.0.16 up and running and it'll authenticate Our
> test users successfully via default and inner-tunnel with PAP against Our
> test LDAP-server. But when we try to authenticate those same test users
> against that very same LDAP-server from/via Meraki (Cisco) Wifi-endpoints
> with EAP we'll have rejected auths.
> We have also created some test users in Freeradius db, and if we disable
> LDAP from Our configs those users can authenticate without problems against
> Freeradius itself.
> I'm just a newbie with Freeradius (and radius in general as well), so can
> anyone help and give a hint what We are missing?
> All help will be appreciated.
> Dear Jarkko,
> please follow Alan's instructions to debug, but also bear in mind that to
> get PEAP with MSCHAP working you probably need either Cleartext-Password or
> hashed NT-Password available for users.
> Marek Zarychta
More information about the Freeradius-Users