Now, I need to use RADIUS with TLS, but I am having a problem. I don't know how RADIUS+TLS speaks with LDAP+TLS. When I use ldapsearch, the communication with the LDAP server + TLS is OK on the LDAPS port (636).
In RADIUS I put:
---------------------------------------
start_tls = yes
tls_mode = yes
tls_cacertfile = /radius/rootCA.crt
tls_cacertdir = /radius/
port=636
tls_certfile = /radius/server.crt
tls_keyfile = /radius/server.key
-------------------------------------

My ldapsearch is OK connecting to the LDAP+TLS server, but RADIUS is not.

Below I show the problems with RADIUS:

PS: I used "netstat -at" to check that the ldaps port (636) was up beforehand.
---------------------------------------------
Cleaning up request 4 ID 131 with timestamp 41fa6269
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 146.164.247.235:10047, id=131, length=142
        User-Name = "anderson"
        CHAP-Password = 0xc69679dfcd6222a04b11fb35fa5d4d5489
        NAS-IP-Address = z.y.x.35
        NAS-Identifier = "UFRJGK"
        NAS-Port-Type = Virtual
        Service-Type = Login-User
        CHAP-Challenge = 0x41f7feae
        Framed-IP-Address = z.y.x.98
        Cisco-AVPair = "h323-ivr-out=terminal-alias:anderson,025980011;"
rad_lowerpair: User-Name now 'anderson'
rad_rmspace_pair: User-Name now 'anderson'
modcall: entering group authorize for request 6
rlm_realm: No '@' in User-Name = "anderson", looking up realm NULL
rlm_realm: Found realm "NULL"
rlm_realm: Adding Stripped-User-Name = "anderson"
rlm_realm: Proxying request from user anderson to realm NULL
rlm_realm: Adding Realm = "NULL"
rlm_realm: Authentication realm is LOCAL.
modcall[authorize]: module "suffix" returns noop for request 6
modcall[authorize]: module "digest" returns noop for request 6
rlm_ldap: - authorize
rlm_ldap: performing user authorization for anderson
radius_xlat: '(&(uid=anderson)(objectclass=radiusprofile))'
radius_xlat: 'ou=users,dc=voip,dc=nce,dc=ufrj,dc=br'
ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to z.y.x.16:389, authentication 0
rlm_ldap: starting TLS
rlm_ldap: ldap_start_tls_s()
rlm_ldap: could not start TLS Connect error
rlm_ldap: (re)connection attempt failed
rlm_ldap: search failed
ldap_release_conn: Release Id: 0
modcall[authorize]: module "ldap" returns fail for request 6
modcall: group authorize returns fail for request 6
Finished request 6
Going to the next request
---------------------------------------------

Does someone know how to help me?

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html