Now I need to use RADIUS with TLS, but I am having a problem.
I don't know how RADIUS+TLS speaks with LDAP+TLS.
When I use ldapsearch, the communication with the LDAP server over TLS is
okay on the LDAPS port (636).
In RADIUS I put:
---------------------------------------
start_tls = yes
tls_mode = yes
tls_cacertfile = /radius/rootCA.crt
tls_cacertdir = /radius/
port=636
tls_certfile = /radius/server.crt
tls_keyfile = /radius/server.key
-------------------------------------
My ldapsearch is okay connecting to the LDAP+TLS server, but RADIUS is not.
Below I show the problems with RADIUS:
PS: I used "netstat -at" beforehand to check that the ldaps port (636) is up.
---------------------------------------------
Cleaning up request 4 ID 131 with timestamp 41fa6269
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 146.164.247.235:10047, id=131,
length=142
User-Name = "anderson"
CHAP-Password = 0xc69679dfcd6222a04b11fb35fa5d4d5489
NAS-IP-Address = z.y.x.35
NAS-Identifier = "UFRJGK"
NAS-Port-Type = Virtual
Service-Type = Login-User
CHAP-Challenge = 0x41f7feae
Framed-IP-Address = z.y.x.98
Cisco-AVPair = "h323-ivr-out=terminal-alias:anderson,025980011;"
rad_lowerpair: User-Name now 'anderson'
rad_rmspace_pair: User-Name now 'anderson'
modcall: entering group authorize for request 6
rlm_realm: No '@' in User-Name = "anderson", looking up realm NULL
rlm_realm: Found realm "NULL"
rlm_realm: Adding Stripped-User-Name = "anderson"
rlm_realm: Proxying request from user anderson to realm NULL
rlm_realm: Adding Realm = "NULL"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 6
modcall[authorize]: module "digest" returns noop for request 6
rlm_ldap: - authorize
rlm_ldap: performing user authorization for anderson
radius_xlat: '(&(uid=anderson)(objectclass=radiusprofile))'
radius_xlat: 'ou=users,dc=voip,dc=nce,dc=ufrj,dc=br'
ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to z.y.x.16:389, authentication 0
rlm_ldap: starting TLS
rlm_ldap: ldap_start_tls_s()
rlm_ldap: could not start TLS Connect error
rlm_ldap: (re)connection attempt failed
rlm_ldap: search failed
ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns fail for request 6
modcall: group authorize returns fail for request 6
Finished request 6
Going to the next request
---------------------------------------------
Does someone know how to help me?
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
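
An added example, not part of the original post and not FreeRADIUS code: a small check that compares the ldap settings quoted above with what rlm_ldap reported in the debug output. The function names and finding codes are hypothetical, the sample input is constructed from lines in the post, and reading tls_mode as the implicit-TLS (LDAPS) setting is an assumption about this FreeRADIUS version.

```python
import re

# Constructed sample input: settings and rlm_ldap debug lines copied from the post.
CONFIG = """start_tls = yes
tls_mode = yes
port=636
"""
LOG = """rlm_ldap: (re)connect to z.y.x.16:389, authentication 0
rlm_ldap: starting TLS
rlm_ldap: ldap_start_tls_s()
rlm_ldap: could not start TLS Connect error
"""

def parse_settings(text):
    """Parse 'key = value' lines (spaces around '=' optional) into a dict."""
    settings = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments
        if "=" in line:
            key, value = line.split("=", 1)
            settings[key.strip()] = value.strip()
    return settings

def check_ldap_tls(config_text, log_text):
    """Return (code, message) findings from comparing settings with the debug log."""
    cfg = parse_settings(config_text)
    findings = []
    # The port rlm_ldap actually dialled, taken from its "(re)connect to" line.
    conn = re.search(r"rlm_ldap: \(re\)connect to (\S+):(\d+),", log_text)
    if conn and "port" in cfg and conn.group(2) != cfg["port"]:
        findings.append(("PORT_MISMATCH",
            f"settings say port {cfg['port']}, log shows a connection to port {conn.group(2)}"))
    # StartTLS upgrades a plain LDAP connection; LDAPS is TLS from the first byte.
    # Assumption: tls_mode = yes selects the LDAPS behaviour.
    if cfg.get("start_tls") == "yes" and cfg.get("tls_mode") == "yes":
        findings.append(("BOTH_TLS_MODES",
            "start_tls (StartTLS upgrade) and tls_mode (LDAPS) are both enabled"))
    if "ldap_start_tls_s()" in log_text and "could not start TLS" in log_text:
        findings.append(("STARTTLS_FAILED",
            "StartTLS was attempted on the connection and failed"))
    return findings

if __name__ == "__main__":
    for code, message in check_ldap_tls(CONFIG, LOG):
        print(f"{code}: {message}")
```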