Hello All, We have FreeIPA running on Centos7 [root@freeipa03 ~]# cat /etc/*release CentOS Linux release 7.2.1511 (Core)
Not fully updated but that is planned. [root@freeipa03 ~]# yum list installed | grep ipa ipa-admintools.x86_64 4.2.0-15.0.1.el7.centos.19 @updates ipa-client.x86_64 4.2.0-15.0.1.el7.centos.19 @updates ipa-python.x86_64 4.2.0-15.0.1.el7.centos.19 @updates ipa-server.x86_64 4.2.0-15.0.1.el7.centos.19 @updates ipa-server-dns.x86_64 4.2.0-15.0.1.el7.centos.19 @updates libipa_hbac.x86_64 1.13.0-40.el7_2.12 @updates python-iniparse.noarch 0.4-9.el7 @anaconda python-libipa_hbac.x86_64 1.13.0-40.el7_2.12 @updates sssd-ipa.x86_64 1.13.0-40.el7_2.12 @updates We are using FreeIPA to authenticate laptops/users, that works great. Thank you for making that possible! Now I bought some Linksys access points and installed Openwrt on them. Next I'm following the second part of this wiki: https://www.freeipa.org/page/Using_FreeIPA_and_FreeRadius_as_a_RADIUS_based_software_token_OTP_system_with_CentOS/RedHat_7 starting from : install, configure and test RADIUS server as a frontend to IPA. That works great, up to the point where I can do the radtest: [root@freeipa03 ~]# radtest test password123 192.168.250.12 1812 testing1234 Sending Access-Request Id 26 from 0.0.0.0:44889 to 192.168.250.12:1812 User-Name = 'test' User-Password = 'password123' NAS-IP-Address = 192.168.250.12 NAS-Port = 1812 Message-Authenticator = 0x00 Received Access-Accept Id 26 from 192.168.250.12:1812 to 192.168.250.12:44889 length 20 where user test is in freeipa and 192.168.250.12 is the vpn address of the ipa server. My question now is: is it possible to have users connect with the Linksys/Openwrt access point using username/password from FreeIPA? So far I'm not getting past EM: Error: Ignoring request to auth address * port 1812 as server default from unknown client 10.10.20.117 port 55421 proto udp where 10.10.20.117 is the Openwrt access point. I added the access point to /etc/radddb/client.conf in a number of ways, but nothing changes. Now I'm thinking, because Freeradius now reads from FreeIPA, it doesn't recognize the access point. Thanks for any advise. greetings, J.
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project