Re: a newbie testing freeradius need help
Hello lists, I configure the FreeRADIUS successfully and happy with the support. Thank you list for your support, /jreubens Alan DeKok [EMAIL PROTECTED] wrote: jennie susan wrote: I have succeed in configuring the server again with correct openssl libraries and development headers, the eapol_test is halfway successful, the tunnel was established, but i dont know why its didnt succeed after that, can you give me an hint please. In 2.0.3 you have to copy the files from the *source* raddb/sites-available/* to the final installed location: /etc/raddb/sites-available, or /usr/local/etc/... This is fixed in CVS head. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: a newbie testing freeradius need help
Hi all, I have succeed in configuring the server again with correct openssl libraries and development headers, the eapol_test is halfway successful, the tunnel was established, but i dont know why its didnt succeed after that, can you give me an hint please. Thank you all for helping me out. Br, Jreubens HERE IS MY RADIUSD OUTPUT NAS-Port-Type = Wireless-802.11 Connect-Info = CONNECT 11Mbps 802.11b EAP-Message = 0x020e01616e6f6e796d6f7573 Message-Authenticator = 0x7a6034cf7717a391ed27b2009f6183e6 +- entering group authorize ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop rlm_realm: No '@' in User-Name = anonymous, looking up realm NULL rlm_realm: No such realm NULL ++[suffix] returns noop rlm_eap: EAP packet type response id 0 length 14 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated ++[unix] returns notfound ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop rlm_pap: WARNING! No known good password found for the user. Authentication may fail because of this. ++[pap] returns noop rad_check_password: Found Auth-Type EAP auth: type EAP +- entering group authenticate rlm_eap: EAP Identity rlm_eap: processing type md5 rlm_eap_md5: Issuing Challenge ++[eap] returns handled EAP-Message = 0x010100160410b08675566bb4374960f4ad3d016012d5 Message-Authenticator = 0x State = 0xd60df96dd60cfd7fbb716c33077b06cd Finished request 0. Going to the next request Waking up in 4.9 seconds. User-Name = anonymous NAS-IP-Address = 127.0.0.1 Calling-Station-Id = 02-00-00-00-00-01 Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 Connect-Info = CONNECT 11Mbps 802.11b EAP-Message = 0x020100060319 State = 0xd60df96dd60cfd7fbb716c33077b06cd Message-Authenticator = 0x9ceebff3658f100773d5a1128d1eef4b +- entering group authorize ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop rlm_realm: No '@' in User-Name = anonymous, looking up realm NULL rlm_realm: No such realm NULL ++[suffix] returns noop rlm_eap: EAP packet type response id 1 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation ++[eap] returns updated ++[unix] returns notfound ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop rlm_pap: WARNING! No known good password found for the user. Authentication may fail because of this. ++[pap] returns noop rad_check_password: Found Auth-Type EAP auth: type EAP +- entering group authenticate rlm_eap: Request found, released from the list rlm_eap: EAP NAK rlm_eap: EAP-NAK asked for EAP-Type/peap rlm_eap: processing type tls rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 ++[eap] returns handled EAP-Message = 0x010200061920 Message-Authenticator = 0x State = 0xd60df96dd70fe07fbb716c33077b06cd Finished request 1. Going to the next request Waking up in 4.9 seconds. User-Name = anonymous NAS-IP-Address = 127.0.0.1 Calling-Station-Id = 02-00-00-00-00-01 Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 Connect-Info = CONNECT 11Mbps 802.11b EAP-Message = 0x0202005e19001603010053014f0301481576fea1a0e81ff55753b5a3d70b37d5fb619e00eda78395931584ff5390442800390038003500160013000a00330032002f000700050004001500120009001400110008000600030100 State = 0xd60df96dd70fe07fbb716c33077b06cd Message-Authenticator = 0x6e3b249941b1fb3f187b9e295b1aab5a +- entering group authorize ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop rlm_realm: No '@' in User-Name = anonymous, looking up realm NULL rlm_realm: No such realm NULL ++[suffix] returns noop rlm_eap: EAP packet type response id 2 length 94 rlm_eap: Continuing tunnel setup. ++[eap] returns ok rad_check_password: Found Auth-Type EAP auth: type EAP +- entering group authenticate rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake (other): before/accept initialization TLS_accept: before/accept initialization rlm_eap_tls: TLS 1.0 Handshake [length 0053], ClientHello TLS_accept: SSLv3 read client hello A rlm_eap_tls: TLS 1.0 Handshake [length 004a], ServerHello TLS_accept: SSLv3 write server hello A rlm_eap_tls: TLS 1.0 Handshake [length 085e], Certificate TLS_accept: SSLv3 write certificate A rlm_eap_tls: TLS 1.0 Handshake [length 020d], ServerKeyExchange TLS_accept: SSLv3 write key exchange A rlm_eap_tls: TLS 1.0 Handshake [length 0004], ServerHelloDone TLS_accept: SSLv3 write server done A TLS_accept: SSLv3 flush data
Re: a newbie testing freeradius need help
jennie susan wrote: I have succeed in configuring the server again with correct openssl libraries and development headers, the eapol_test is halfway successful, the tunnel was established, but i dont know why its didnt succeed after that, can you give me an hint please. In 2.0.3 you have to copy the files from the *source* raddb/sites-available/* to the final installed location: /etc/raddb/sites-available, or /usr/local/etc/... This is fixed in CVS head. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: a newbie testing freeradius need help
EAPOL: txSuppRsp WPA: eapol_test_eapol_send(type=0 len=6) TX EAP - RADIUS - hexdump(len=6): 02 01 00 06 03 19 Encapsulating EAP message into a RADIUS packet Copied RADIUS State Attribute Sending RADIUS message to authentication server RADIUS message: code=1 (Access-Request) identifier=1 length=136 Attribute 1 (User-Name) length=11 Value: 'anonymous' Attribute 4 (NAS-IP-Address) length=6 Value: 127.0.0.1 Attribute 31 (Calling-Station-Id) length=19 Value: '02-00-00-00-00-01' Attribute 12 (Framed-MTU) length=6 Value: 1400 Attribute 61 (NAS-Port-Type) length=6 Value: 19 Attribute 77 (Connect-Info) length=24 Value: 'CONNECT 11Mbps 802.11b' Attribute 79 (EAP-Message) length=8 Value: 02 01 00 06 03 19 Attribute 24 (State) length=18 Value: b0 f6 f6 2c b0 f7 f2 28 5d d6 0d 33 31 0f b6 ce Attribute 80 (Message-Authenticator) length=18 Value: 5d ee 61 2e 8c 12 d7 26 dd f7 74 57 2b d3 35 50 Next RADIUS client retransmit in 3 seconds EAPOL: SUPP_BE entering state RECEIVE Received 44 bytes from RADIUS server Received RADIUS message RADIUS message: code=3 (Access-Reject) identifier=1 length=44 Attribute 79 (EAP-Message) length=6 Value: 04 01 00 04 Attribute 80 (Message-Authenticator) length=18 Value: 5e a3 cf e8 a2 64 36 a7 af 57 04 c1 8d 1c 33 9a STA 02:00:00:00:00:01: Received RADIUS packet matched with a pending request, round trip time 1.00 sec RADIUS packet matching with station decapsulated EAP packet (code=4 id=1 len=4) from RADIUS server: EAP Failure EAPOL: Received EAP-Packet frame EAPOL: SUPP_BE entering state REQUEST EAPOL: getSuppRsp EAP: EAP entering state RECEIVED EAP: Received EAP-Failure EAP: EAP entering state FAILURE CTRL-EVENT-EAP-FAILURE EAP authentication failed EAPOL: SUPP_PAE entering state HELD EAPOL: SUPP_BE entering state RECEIVE EAPOL: SUPP_BE entering state FAIL EAPOL: SUPP_BE entering state IDLE eapol_sm_cb: success=0 MPPE keys OK: 0 mismatch: 2 FAILURE i generated the test certificates as mentioned in the README doc in certs folder. i havnt changed anything in eap.conf except the ceritificates path, as you might have noticed i installed the freeradius in /usr/local/radius. and i deleted the make_cert_command. Thats all i did. Any help can be appreciated, i have to finish it for my thesis. Thank you for the time you are taking for me, Regards, Jreubens jreubens wrote: Thank you alan for your time, As i mentioned before i am new to linux too. I had installed openssl already and the libraries are in /usr/local/lib folder. i dont know how to enable this (path) in the server, because i guess there is another openssl (older version) installed, i had this problem when making eapol_test tool then i installed newer version in the specified directory. Then how can i restart the radiusd, is it ok to kill the demon and then start it again sorry for this naive question. thank you once again for the time you are taking for me, BR, Jreuben Alan DeKok [EMAIL PROTECTED] wrote: jreubens wrote: I am newbie trying to test free radius for my master thesis, i installed free radius two days ago and did some initial testing, the initial test was through so the radius server is running properly, before i move on i wanted to test the eap modules, so i tried to test with the help of eapol_test tool that comes with the wpasupplicant, i cannot succeed i get failure message. ... rlm_eap: NAK asked for unsupported type 25 The system does not have the proper OpenSSL libraries installed. Install OpenSSL, and the development headers. Then re-build the server, and PEAP will work. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- View this message in context: http://www.nabble.com/a-newbie-testing-freeradius-need-help-tp16833079p16894919.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: a newbie testing freeradius need help
jreubens wrote: I installed new version of openssl and built the radius with the following command ./configure --with-openssl-includes=/usr/local/include/openssl \ --with-openssl-libraries=/usr/local/lib \ Did it *find* the OpenSSL includes and libraries? The output of the configure process will tell you this. the radtest and the radeapclient test was through, i thought to test with the eapol_test, i have the following error (same error), any help will be appreciated. Note: i have the development headers at /usr/local/include/openssl, the lib files at /usr/local/lib and the bin files at /usr/local/bin and finally the conf files at /usr/local/openssl. ... rlm_eap: Ignoring EAP-Type/tls because we do not have OpenSSL support. // I DONT UNDERSTAND THIS LINE What part is unclear? The server was not built with OpenSSL support. Exactly *why* this happened is a question for the configure script. See the output of configure, and the config.log file. Maybe there's something wrong with your OpenSSL installation. Does your OS have a pre-packaged version of OpenSSL? i generated the test certificates as mentioned in the README doc in certs folder. i havnt changed anything in eap.conf except the ceritificates path, as you might have noticed i installed the freeradius in /usr/local/radius. and i deleted the make_cert_command. Thats all i did. What OS are you using? Why is it impossible to use a version of OpenSSL that comes with the OS? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: a newbie testing freeradius need help
Am 25.04.2008 um 13:45 schrieb jreubens: Hi all, I installed new version of openssl and built the radius with the following command ./configure --with-openssl-includes=/usr/local/include/openssl \ --with-openssl-libraries=/usr/local/lib \ --prefix=/usr/local/radius make make install the radtest and the radeapclient test was through, i thought to test with the eapol_test, i have the following error (same error), any help will be appreciated. Note: i have the development headers at /usr/local/include/openssl, the lib files at /usr/local/lib and the bin files at /usr/local/bin and finally the conf files at /usr/local/openssl. Is your path (environment variable $PATH) also pointing to /usr/local/ bin ? Configuration often calls programs to see if a particular feature is there (and to get some other needed data). [...] Nicolas Goutte extragroup GmbH - Karlsruhe Waldstr. 49 76133 Karlsruhe Germany Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle Registergericht: Amtsgericht Münster / HRB: 5624 Steuer Nr.: 337/5903/0421 / UstID: DE 204607841 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: a newbie testing freeradius need help
Hi alan, i found some thing in the config.log file and i think the path is identified. here with i am attaching a part of the config.log (i dont want to crowd the mailling list). if you give me an hint that would highly appreciable. Thank you. I am using linux (ubuntu 7.10), it has a pre packed openssl which is a e version, i read in a article and it says that it is a engine version You are probably not interested in engine (e) version neither as it is mostly for crypto _hardware_. quoting from the orginal article the url was kind of big so i am not posting the url. Before my original post i relied on the pre packed version of the openssl, then when i wanted to use eapol_test, it asked for a openssl, then i installed a new one. After the first (eapol_test) test failed, you suggested to use the one that come with the distribution... but i didnt see any development headers and binaries. So i over write the OS and made a fresh install of ubuntu then tired to install openssl lastest version and free radius. now i am getting the same error. Thank you for the time you are taking on me, Regards, Jreubens Alan DeKok [EMAIL PROTECTED] wrote: jreubens wrote: I installed new version of openssl and built the radius with the following command ./configure --with-openssl-includes=/usr/local/include/openssl \ --with-openssl-libraries=/usr/local/lib \ Did it *find* the OpenSSL includes and libraries? The output of the configure process will tell you this. the radtest and the radeapclient test was through, i thought to test with the eapol_test, i have the following error (same error), any help will be appreciated. Note: i have the development headers at /usr/local/include/openssl, the lib files at /usr/local/lib and the bin files at /usr/local/bin and finally the conf files at /usr/local/openssl. ... rlm_eap: Ignoring EAP-Type/tls because we do not have OpenSSL support. // I DONT UNDERSTAND THIS LINE What part is unclear? The server was not built with OpenSSL support. Exactly *why* this happened is a question for the configure script. See the output of configure, and the config.log file. Maybe there's something wrong with your OpenSSL installation. Does your OS have a pre-packaged version of OpenSSL? i generated the test certificates as mentioned in the README doc in certs folder. i havnt changed anything in eap.conf except the ceritificates path, as you might have noticed i installed the freeradius in /usr/local/radius. and i deleted the make_cert_command. Thats all i did. What OS are you using? Why is it impossible to use a version of OpenSSL that comes with the OS? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. config.log_freeradius Description: 1612991938-config.log_freeradius - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: a newbie testing freeradius need help
Hi, Here is my PATH contents PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games i have another doubt here, i have my check-rad, check-radiusd-config, radiusd,radwatch, rc.radiusd everything at /usr/local/radius/sbin... does that means that i have to change the environment variable to point to /usr/local/radius/sbin? Thank you for the time you are taking for me, BR, Jreubens Nicolas Goutte [EMAIL PROTECTED] wrote: Am 25.04.2008 um 13:45 schrieb jreubens: Hi all, I installed new version of openssl and built the radius with the following command ./configure --with-openssl-includes=/usr/local/include/openssl \ --with-openssl-libraries=/usr/local/lib \ --prefix=/usr/local/radius make make install the radtest and the radeapclient test was through, i thought to test with the eapol_test, i have the following error (same error), any help will be appreciated. Note: i have the development headers at /usr/local/include/openssl, the lib files at /usr/local/lib and the bin files at /usr/local/bin and finally the conf files at /usr/local/openssl. Is your path (environment variable $PATH) also pointing to /usr/local/ bin ? Configuration often calls programs to see if a particular feature is there (and to get some other needed data). [...] Nicolas Goutte extragroup GmbH - Karlsruhe Waldstr. 49 76133 Karlsruhe Germany Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle Registergericht: Amtsgericht Münster / HRB: 5624 Steuer Nr.: 337/5903/0421 / UstID: DE 204607841 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: a newbie testing freeradius need help
Hi, Hi all, I installed new version of openssl and built the radius with the following command ./configure --with-openssl-includes=/usr/local/include/openssl \ --with-openssl-libraries=/usr/local/lib \ --prefix=/usr/local/radius could you pipe that above command through gerp eg ./configure -blahblah blah | grep WARN rlm_eap: Ignoring EAP-Type/tls because we do not have OpenSSL support. // I DONT UNDERSTAND THIS LINE rlm_eap: Ignoring EAP-Type/ttls because we do not have OpenSSL support. rlm_eap: Ignoring EAP-Type/peap because we do not have OpenSSL support. ^^ fairly simple. no OpenSSL support. radiusd not built with any ability that you want. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: a newbie testing freeradius need help
Hi, Before my original post i relied on the pre packed version of the openssl, then when i wanted to use eapol_test, it asked for a openssl, then i installed a new one. After the first (eapol_test) test failed, you suggested to use the one that come with the distribution... but i didnt see any development headers and binaries. So i over write the OS and made a fresh install of ubuntu then tired to install openssl lastest version and free radius. now i am getting the same error. ubuntu? you'll need to install libssl-dev package alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: a newbie testing freeradius need help
Am 25.04.2008 um 15:32 schrieb jennie susan: Hi, Here is my PATH contents PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/ usr/games i have another doubt here, i have my check-rad, check-radiusd- config, radiusd,radwatch, rc.radiusd everything at /usr/local/ radius/sbin... does that means that i have to change the environment variable to point to /usr/local/radius/sbin? At least at first it is not necessary, as you can start the programs with the full path, e.g.: /usr/local/radius/sbin/radiusd -X Have a nice day! Thank you for the time you are taking for me, BR, Jreubens Nicolas Goutte [EMAIL PROTECTED] wrote: Am 25.04.2008 um 13:45 schrieb jreubens: Hi all, I installed new version of openssl and built the radius with the following command ./configure --with-openssl-includes=/usr/local/include/openssl \ --with-openssl-libraries=/usr/local/lib \ --prefix=/usr/local/radius make make install the radtest and the radeapclient test was through, i thought to test with the eapol_test, i have the following error (same error), any help will be appreciated. Note: i have the development headers at /usr/local/include/openssl, the lib files at /usr/local/lib and the bin files at /usr/local/bin and finally the conf files at /usr/local/openssl. Is your path (environment variable $PATH) also pointing to /usr/local/ bin ? Configuration often calls programs to see if a particular feature is there (and to get some other needed data). [...] Nicolas Goutte extragroup GmbH - Karlsruhe Waldstr. 49 76133 Karlsruhe Germany Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle Registergericht: Amtsgericht Münster / HRB: 5624 Steuer Nr.: 337/5903/0421 / UstID: DE 204607841 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/ users.html Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/ users.html Nicolas Goutte extragroup GmbH - Karlsruhe Waldstr. 49 76133 Karlsruhe Germany Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle Registergericht: Amtsgericht Münster / HRB: 5624 Steuer Nr.: 337/5903/0421 / UstID: DE 204607841 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: a newbie testing freeradius need help
Am 25.04.2008 um 14:59 schrieb jennie susan: Hi alan, i found some thing in the config.log file and i think the path is identified. here with i am attaching a part of the config.log (i dont want to crowd the mailling list). if you give me an hint that would highly appreciable. Thank you. I would guess that other development packages are missing. I am not sure where dlopen is, but probably in the C library. Have a nice day! I am using linux (ubuntu 7.10), it has a pre packed openssl which is a e version, i read in a article and it says that it is a engine version You are probably not interested in engine (e) version neither as it is mostly for crypto _hardware_. quoting from the orginal article the url was kind of big so i am not posting the url. Before my original post i relied on the pre packed version of the openssl, then when i wanted to use eapol_test, it asked for a openssl, then i installed a new one. After the first (eapol_test) test failed, you suggested to use the one that come with the distribution... but i didnt see any development headers and binaries. So i over write the OS and made a fresh install of ubuntu then tired to install openssl lastest version and free radius. now i am getting the same error. Thank you for the time you are taking on me, Regards, Jreubens Alan DeKok [EMAIL PROTECTED] wrote: jreubens wrote: I installed new version of openssl and built the radius with the following command ./configure --with-openssl-includes=/usr/local/include/openssl \ --with-openssl-libraries=/usr/local/lib \ Did it *find* the OpenSSL includes and libraries? The output of the configure process will tell you this. the radtest and the radeapclient test was through, i thought to test with the eapol_test, i have the following error (same error), any help will be appreciated. Note: i have the development headers at /usr/local/include/ openssl, the lib files at /usr/local/lib and the bin files at /usr/local/bin and finally the conf files at /usr/local/openssl. ... rlm_eap: Ignoring EAP-Type/tls because we do not have OpenSSL support. // I DONT UNDERSTAND THIS LINE What part is unclear? The server was not built with OpenSSL support. Exactly *why* this happened is a question for the configure script. See the output of configure, and the config.log file. Maybe there's something wrong with your OpenSSL installation. Does your OS have a pre-packaged version of OpenSSL? i generated the test certificates as mentioned in the README doc in certs folder. i havnt changed anything in eap.conf except the ceritificates path, as you might have noticed i installed the freeradius in /usr/ local/radius. and i deleted the make_cert_command. Thats all i did. What OS are you using? Why is it impossible to use a version of OpenSSL that comes with the OS? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/ users.html Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.config.log_freeradius - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/ users.html Nicolas Goutte extragroup GmbH - Karlsruhe Waldstr. 49 76133 Karlsruhe Germany Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle Registergericht: Amtsgericht Münster / HRB: 5624 Steuer Nr.: 337/5903/0421 / UstID: DE 204607841 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: a newbie testing freeradius need help
jennie susan wrote: Thank you alan for your time, As i mentioned before i am new to linux too. I had installed openssl already and the libraries are in /usr/local/lib folder. As I said, you *also* need the development header files. Install those. i dont know how to enable this (path) in the server, because i guess there is another openssl (older version) installed, i had this problem when making eapol_test tool then i installed newer version in the specified directory. If you're not familiar with linux, I would strongly suggest not playing games with multiple versions of OpenSSL. Use the most recent one from your distribution. If it doesn't work, use another distribution. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
a newbie testing freeradius need help
}/server.pem
certificate_file = ${certdir}/server.pem
CA_file = ${cadir}/ca.pem
dh_file = ${certdir}/dh
random_file = ${certdir}/random
# fragment_size = 1024
# include_length = yes
cipher_list = DEFAULT
# make_cert_command = ${certdir}/bootstrap
}
ttls {
default_eap_type = md5
# allowed values: {no, yes}
copy_request_to_tunnel = no
# allowed values: {no, yes}
use_tunneled_reply = no
#virtual_server = inner-tunnel
}
peap {
default_eap_type = mschapv2
copy_request_to_tunnel = no
use_tunneled_reply = no
virtual_server = inner-tunnel
}
mschapv2 {
}
}
sorry to ask you some naive question, i am really new to this. and one more
question whenever i change something in my eap.conf, users and client.conf
file i kill the existing radiusd running and start a new radiusd, is that
right or is there anyways to restart the radiusd.
Thank you all and thank you for your time,
Regards,
Jreuben
--
View this message in context:
http://www.nabble.com/a-newbie-testing-freeradius-need-help-tp16833079p16833079.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: a newbie testing freeradius need help
jreubens wrote: I am newbie trying to test free radius for my master thesis, i installed free radius two days ago and did some initial testing, the initial test was through so the radius server is running properly, before i move on i wanted to test the eap modules, so i tried to test with the help of eapol_test tool that comes with the wpasupplicant, i cannot succeed i get failure message. ... rlm_eap: NAK asked for unsupported type 25 The system does not have the proper OpenSSL libraries installed. Install OpenSSL, and the development headers. Then re-build the server, and PEAP will work. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: a newbie testing freeradius need help
Thank you alan for your time, As i mentioned before i am new to linux too. I had installed openssl already and the libraries are in /usr/local/lib folder. i dont know how to enable this (path) in the server, because i guess there is another openssl (older version) installed, i had this problem when making eapol_test tool then i installed newer version in the specified directory. Then how can i restart the radiusd, is it ok to kill the demon and then start it again sorry for this naive question. thank you once again for the time you are taking for me, BR, Jreuben Alan DeKok [EMAIL PROTECTED] wrote: jreubens wrote: I am newbie trying to test free radius for my master thesis, i installed free radius two days ago and did some initial testing, the initial test was through so the radius server is running properly, before i move on i wanted to test the eap modules, so i tried to test with the help of eapol_test tool that comes with the wpasupplicant, i cannot succeed i get failure message. ... rlm_eap: NAK asked for unsupported type 25 The system does not have the proper OpenSSL libraries installed. Install OpenSSL, and the development headers. Then re-build the server, and PEAP will work. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: a newbie testing freeradius need help
Am 23.04.2008 um 10:56 schrieb jennie susan: Thank you alan for your time, As i mentioned before i am new to linux too. I had installed openssl already and the libraries are in /usr/local/lib folder. i dont know how to enable this (path) in the server, because i guess there is another openssl (older version) installed, i had this problem when making eapol_test tool then i installed newer version in the specified directory. You could use the LD_LIBRARY_PATH environment varaible to set the path where to find a library. Be careful that this feature might be disabled by the linux distribution that you are using (mainly due to security reasons). In that case you have to change /etc/ld.so.conf (or something like that). Then how can i restart the radiusd, is it ok to kill the demon and then start it again sorry for this naive question. As far as I know it is the recommended way. thank you once again for the time you are taking for me, BR, Jreuben Alan DeKok [EMAIL PROTECTED] wrote: jreubens wrote: I am newbie trying to test free radius for my master thesis, i installed free radius two days ago and did some initial testing, the initial test was through so the radius server is running properly, before i move on i wanted to test the eap modules, so i tried to test with the help of eapol_test tool that comes with the wpasupplicant, i cannot succeed i get failure message. ... rlm_eap: NAK asked for unsupported type 25 The system does not have the proper OpenSSL libraries installed. Install OpenSSL, and the development headers. Then re-build the server, and PEAP will work. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/ users.html Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/ users.html Nicolas Goutte extragroup GmbH - Karlsruhe Waldstr. 49 76133 Karlsruhe Germany Geschäftsführer: Stephan Mönninghoff, Hans Martin Kern, Tilman Haerdle Registergericht: Amtsgericht Münster / HRB: 5624 Steuer Nr.: 337/5903/0421 / UstID: DE 204607841 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
