Hi, > ok (you guys propably hate me :) but please could you still give me the > answers as you did before) > but back to the subject: > I did like you said, > I installed 2.0.4 version (compiled using suggestions from: > http://www.fatofthelan.com/articles/articles.php?pid=27 > http://www.linuxinsight.com/building-debian-freeradius-package-with-eap-tls-ttls-peap-support.html)
you are using an old version, you are using random 3rd party instructions of dubious dates and knowledge. > first one: > when I open properites of client certificate on XP using mmc-certificates > console I have the information that "Windows doesnt have enough information > to verify this certificate" "You have proper private key to this > certificate" (it is non-english system so its translation but I think > translation is ok) this means you didnt install the CA - ensure you've added it to the trusted CA list in the system - use the certificate MMC Snapin. > second one: original packet has this: > User-Name = "[email protected]" this is then proxied to the system handling example.com: > rlm_realm: Looking up realm "example.com" for User-Name = " > [email protected]" > rlm_realm: Found realm "example.com" > rlm_realm: Adding Stripped-User-Name = "user" > rlm_realm: Adding Realm = "example.com" > rlm_realm: Proxying request from user user to realm example.com > rlm_realm: Preparing to proxy authentication request to realm " > example.com" > ++[suffix] returns updated ..which then says this: > rlm_eap: Identity does not match User-Name, setting from EAP Identity. > rlm_eap: Failed in handler so..somewhere along the line you are playing with the User-Name attribute...something which you cannot do with EAP - if you take a standard 2.1.6 install and make the basic changes to your eap.conf and clients.conf it will work. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
