In my setup, I have
authorize {
...
LDAP
....
EAP
}
authenticate {
....
Auth-Type LDAP {
ldap
}
...
EAP
}
I did not have to change anything with PAP in order for it to
authenticate against my LDAP server.
On Wed, 15 Dec 2004 15:14:00 -0500, Joe Raviele <[EMAIL PROTECTED]> wrote:
> I have a radius box set up using 1.0.1. Currently it is doing
> authentication and working fine. I am trying to integrate in 802.1x
> auth. I have the EAP-TTLS w/ PAP working fine with a users entry of
> "username" User-Password == "test", but I am confused how the users
> and authorize and authenticate sections of the radiusd file should be
> set to have EAP look at an LDAP entry. I know I have to set the pap
> module to md5 to work with the LDAP and that I will have a new
> huntgroup just for the .1x authentication, but I am stumped from
> there. Below is how my users file and radiusd look now, my question is
> really how should they look when I intergrate in the .1x
>
> Thanks in advance guys, you have helped me out in the past and I would
> appreciate anything else you could do for me now.
>
> - Joe
>
> ***radiusd.conf
> ...
> authorize {
> autztype VPN_LDAP {
> redundant {
> VPN_LDAP1
> VPN_LDAP2
> }
> }
>
> autztype Dial_LDAP {
> redundant {
> Dial_LDAP1
> Dial_LDAP2
> }
> }
> ...
> authenticate {
> authtype VPN_LDAP {
> redundant {
> VPN_LDAP1
> VPN_LDAP2
> }
> }
>
> authtype Dial_LDAP {
> redundant {
> Dial_LDAP1
> Dial_LDAP2
> }
> }
>
> ***users
>
> DEFAULT Autz-Type := VPN_LDAP, Auth-Type := VPN_LDAP, Huntgroup-Name == VPN
>
> DEFAULT Autz-Type := Dial_LDAP, Auth-Type := Dial_LDAP, Huntgroup-Name == DIAL
> Service-Type == Framed-User,
> Ascend-Assign-IP-Pool = 1,
> Framed-IP-Address = 255.255.255.254,
> Framed-MTU = 1524,
> Service-Type = Framed-User,
> Fall-Through = No
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
--
Justin Guidroz
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
