Si St wrote: > Taking a glimps at the page > http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_9_ea1/configuration/guide/Sw8021x.html#wp1033659
So... why are you reading random pages on the net? And not the pages we suggested you read? > it seemes obvious to me that I have misunderstood a few things: > I thought I needed something EXTRA that should run a NAS request to the > radius-server, and thought the router should do the job. You're mixing up terminology. Get it right, or you'll *never* understand what's going on. > But the NAS is there already in the freeradiusserver downloadfile > installed together with the server. What the heck does that mean? > Looking at what the radtest is > spitting out it is there with its NAS IP and port "Sending > Access-Request". > The radiud -X answers this request:"rad_recv: Access-Request......[pap] > User authenticated successfully > ++[pap] returns ok........... Well... you've completely misunderstand everything about that. > Were there no NAS already, the radiusd would not have answered. Simple > as that. No. Absolutely not. Not "simple as that". > From this it is of course obvious to me that it is impossible > that the router can run a NAS, No. Many routers do send RADIUS Access-Request packets. > and I can understand Buxeys resignation > about my "very special router". No. You thought that the router would accept RADIUS packets from a third party, and then send them to the RADIUS server. Routers don't work like that. Hence his comment of "very special router". > The router can only direct or rather > route the userclient message to the NAS-radius machinery. You're using terminology you invented. STOP IT NOW. Your misconception of how everything works is making it IMPOSSIBLE for you to understand ANYTHING. > That is what > the router's EAP-switch is for, letting me configure an IP and a port in > that box where to send it, have it treated by the > NAS/radclient/radserver and receive an OK or something to let me through > to the f.ex. internet. Isn't this correct? It's complete nonsense. You might as well be writing gibberish. > If this is correct everything is simplified to just find out how to > network this. > Am I closer now? You're even further away from understanding how it works. Read the Wikipedia pages on RADIUS and EAP. It's really not hard. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
