Hello All,

We have FreeIPA running on Centos7
[root@freeipa03 ~]# cat /etc/*release
CentOS Linux release 7.2.1511 (Core)

Not fully updated but that is planned.

[root@freeipa03 ~]# yum list installed | grep ipa
ipa-admintools.x86_64                 4.2.0-15.0.1.el7.centos.19
ipa-client.x86_64                     4.2.0-15.0.1.el7.centos.19
ipa-python.x86_64                     4.2.0-15.0.1.el7.centos.19
ipa-server.x86_64                     4.2.0-15.0.1.el7.centos.19
ipa-server-dns.x86_64                 4.2.0-15.0.1.el7.centos.19
libipa_hbac.x86_64                    1.13.0-40.el7_2.12
python-iniparse.noarch                0.4-9.el7
python-libipa_hbac.x86_64             1.13.0-40.el7_2.12
sssd-ipa.x86_64                       1.13.0-40.el7_2.12

We are using FreeIPA to authenticate laptops/users, that works great. Thank
you for making that possible!

Now I bought some Linksys access points and installed Openwrt on them.
Next I'm following the second part of this wiki:


starting from : install, configure and test RADIUS server as a frontend to

That works great, up to the point where I can do the radtest:

[root@freeipa03 ~]# radtest test password123 1812 testing1234
Sending Access-Request Id 26 from to
    User-Name = 'test'
    User-Password = 'password123'
    NAS-IP-Address =
    NAS-Port = 1812
    Message-Authenticator = 0x00
Received Access-Accept Id 26 from to length 20

where user test  is in freeipa and is the vpn address of the
ipa server.

My question now is: is it possible to have users connect with the
Linksys/Openwrt access point using username/password from FreeIPA?
So far I'm not getting past EM:

Error: Ignoring request to auth address * port 1812 as server default from
unknown client port 55421 proto udp

where is the Openwrt access point.

I added the access point to /etc/radddb/client.conf in a number of ways,
but nothing changes. Now I'm thinking, because Freeradius now reads from
it doesn't recognize the access point.

Thanks for any advise.

greetings, J.
Manage your subscription for the Freeipa-users mailing list:
Go to http://freeipa.org for more info on the project

Reply via email to