Hello All, not trying to push for an answer here; but in reply to this post I got a lot of spam that I don't want my wife of kids to see.
This is only my second post here so I'm just wondering if I'm ending up in spam because I'm getting this spam or if the question is just very far fetched. Greetings, J. 2017-05-07 20:16 GMT+02:00 Johan Vermeulen <jameslas...@gmail.com>: > Hello All, > > I have sent the same mail a few days ago, but I think it ended up in > spam........... > > We have FreeIPA running on Centos7 > [root@freeipa03 ~]# cat /etc/*release > CentOS Linux release 7.2.1511 (Core) > > Not fully updated but that is planned. > > [root@freeipa03 ~]# yum list installed | grep ipa > ipa-admintools.x86_64 4.2.0-15.0.1.el7.centos.19 > @updates > ipa-client.x86_64 4.2.0-15.0.1.el7.centos.19 > @updates > ipa-python.x86_64 4.2.0-15.0.1.el7.centos.19 > @updates > ipa-server.x86_64 4.2.0-15.0.1.el7.centos.19 > @updates > ipa-server-dns.x86_64 4.2.0-15.0.1.el7.centos.19 > @updates > libipa_hbac.x86_64 1.13.0-40.el7_2.12 > @updates > python-iniparse.noarch 0.4-9.el7 > @anaconda > python-libipa_hbac.x86_64 1.13.0-40.el7_2.12 > @updates > sssd-ipa.x86_64 1.13.0-40.el7_2.12 > @updates > > We are using FreeIPA to authenticate laptops/users, that works great. > Thank you for making that possible! > > Now I bought some Linksys access points and installed Openwrt on them. > Next I'm following the second part of this wiki: > > https://www.freeipa.org/page/Using_FreeIPA_and_FreeRadius_as > _a_RADIUS_based_software_token_OTP_system_with_CentOS/RedHat_7 > > starting from : install, configure and test RADIUS server as a frontend to > IPA. > > That works great, up to the point where I can do the radtest: > > [root@freeipa03 ~]# radtest test password123 192.168.250.12 1812 > testing1234 > Sending Access-Request Id 26 from 0.0.0.0:44889 to 192.168.250.12:1812 > User-Name = 'test' > User-Password = 'password123' > NAS-IP-Address = 192.168.250.12 > NAS-Port = 1812 > Message-Authenticator = 0x00 > Received Access-Accept Id 26 from 192.168.250.12:1812 to > 192.168.250.12:44889 length 20 > > where user test is in freeipa and 192.168.250.12 is the vpn address of > the ipa server. > > My question now is: is it possible to have users connect with the > Linksys/Openwrt access point using username/password from FreeIPA? > So far I'm not getting past EM: > > Error: Ignoring request to auth address * port 1812 as server default from > unknown client 10.10.20.117 port 55421 proto udp > > where 10.10.20.117 is the Openwrt access point. > > I added the access point to /etc/radddb/client.conf in a number of ways, > but nothing changes. Now I'm thinking, because Freeradius now reads from > FreeIPA, > it doesn't recognize the access point. > > Thanks for any advise. > > greetings, J. > > > >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project