We are setting up our wireless to authenticate against FreeRadius and FreeIPA. I am looking for any instructions on how to integrate radius with IPA. We can get them talking via kerberos, but when we have a wireless client attempt to authenticate against them, the password gets stripped out and only the username gets passed on, resulting in a failed logon attempt.

As we have studied the problem we have identified the communication protocols used by wireless to pass on the user credentials to radius. Wireless uses EAP as it's primary protocol. We are running Xirrus wireless APs and from what we can learn, they act only as a pass through conduit for the client. Ideally we would like them to speak PEAP TTLS, this would allow kerberos to process from the client to the IPA server, we are still researching this.

Are there any instructions on how to integrate FreeRadius 3.0.10 with FreeIPA 3.3.5? Any help would be appreciated.


Randy Morgan
Department of Chemistry and Biochemistry
Brigham Young University

Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to