Hi, I'm a newbie to all of this, so please bear with me. This list is all I've got!
We are introducing a wireless infrastructure on our campus (a little late in the game). Right now we're in testing phase. In this testing phase, We are using several 3com 7250 AP's, some 3com cards capable of 802.1x, and Novell eDirectory (LDAP). My requirement is to enable 802.1x authentication to the AP's using EAP/TLS. Additionally, I need to be able to authenticate the users to Novell via LDAP. All via the FreeRADIUS server. I have configured freeradius version 0.9.3 to work successfully with only ldap authentication against Novell eDirectory. I have also verified that 802.1x authentication is working with the AP. However, if I attempt to somehow enable both authentication mechanisms, I fail. The logs keep passing the EAP username (common name from cert) to ldap and of course ldap spits it out because the object does not exist. Again, I'm new to this, and maybe I have made incorrect assumptions of what the end result should be. Maybe this isn't even possible, but here's what I had hoped to come away with: the wireless user boots their laptop, then gets authenticated via eap/tls. They then open a browser, and are asked for username and password (via dialog box?), or either redirected to a login page. The username and password are then passed to ldap for authentication. Successful authentication results in the client being given internet access. Is this possible? Or, am I totally misunderstanding how this is all supposed to work (very likely)? I must admit, I'm not very comfortable when working with the config files. Not too sure what I'm doing in there. I tackled this whole project somewhat blindly, with the help of various bits of info I gathered from google searches. I do need to obtain a good book on this stuff...that's obvious...but I am hoping that someone on this list has experience with getting freeradius to work with eap/tls and novell ldap authentication and is willing to share that experience and wisdom. (Embarrassed) Sorry again for the newbie-ness of this post, and thanks in advance for any help! mack -- This message has been scanned for viruses and dangerous content by the CSU Email Gateway, and is believed to be clean. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
