Subject: Setting Up a Freeradius Server
Date: Wednesday 25 August 2004 16:17
From: Marco Garro <[EMAIL PROTECTED]>
To: FreeRadius <[EMAIL PROTECTED]>
Hi all,
i'm new to freeradius world. I'm trying to set up a FreeRadius server because
I need eap-tls authentication in my WLAN.
I'm using a BUFFALO WBR-G54 AP that support Radius Auth.
I build my freeradius server so:
First I build openssl 0.9.7-stable-SNAP-20040819
./config shared --prefix=/usr/local/openssl
make
make install
and then i Build FreeRadius so:
./configure --with-openssl-include=/usr/local/openssl/include
--with-openssl-libraries=/usr/local/openssl/lib --prefix=/usr/local/radius
make
make install
Done this, i produce my certificate using script/CA.all
Now i should configure freeradius.
I edit eap.conf to say to freeradius where are the certificates:
eap{
default_eap_type = tls
...
}
tls{
private_key_password = whatever
private_key_file = /usr/local/radius/etc/1x/cert-srv.pem
certificate_file = /usr/local/radius/etc/1x/cert-srv.pem
CA_file = /usr/local/radius/etc/1x/root.pem
dh_file = /usr/local/radius/etc/1x/dh
random_file = /usr/local/radius/etc/1x/random
fragment_size = 1024
include_length = yes
}
I do dh and random files so: date > dh; date > random
At this time, following an web document by Raymond McKay, I write a wrapper
for radiusd:
#!/bin/sh -x
LD_LIBRARY_PATH=/usr/local/openssl/lib
LD_PRELOAD=/usr/local/openssl/lib/libcrypto.so
export LD_LIBRARY_PATH LD_PRELOAD
/usr/local/radius/sbin/radiusd $@
Using XP supplicant I install cert-clt.p12 and root.der on the client, and
trying to use Odissey as client. But the authentication never go on. In fact
does not start EAP conversation, in spite of a request in received by server.
I need help. Please help me.
Bye,
Marco GARRO
http://www.garro.biz/
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
