On 2013-07-09 at 00:52, Alan DeKok (al...@deployingradius.com) wrote: > Julian Macassey wrote: > > So, I put it back in. I took it out earlier as 1. I > > couldn't connect with it. 2. My understanding from reading the > > docs was that pap alone would do the job. > > (1) No, and (2) Not for 8021.X > > > I'm just trying to do a bog standard username and > > password for OS X and Linux users on laptops - Plus the > > ubiquitous smartphones of course. I have no Microsoft gear on the > > LAN. > > > > Here is my latest output: > > Which indicates that you didn't tell the server what the *good* > password is for the user. Why not?
In the Wifi sign on window of both a Macbook and an iPhone, I enter the username and the password. So, from my sign on I have told the server both. > > Read the FAQ. It has instructions for configuring a sample user. > When you've done that, it *will* authenticate that user. I have done that, if you mean putting username and password, plus shared secret in the /etc/freeradius/users file. Using radtest as described in the documentation I have done it and it works. What doesn't work is getting a Macbook to connect to a Netgear N600 WiFi Router using WPA2 Enterprise and freeradius using the username and login available to any user logging into the freeradius machine via the conole or ssh. > > Getting 802.1X to work requires a number of steps. You've missed > some. My guide goes through this in detail, and following it will > *always* work: > > http://deployingradius.com/ I have read and followed http://deployingradius.com/documents/configuration/setup.html What I haven't yet done is replace the "snake oil" certs with production certs: http://deployingradius.com/documents/configuration/certificates.html But get the output I have sent before. The instructions above are for Microsoft Windows, but Linux and Mac OSX should be pretty standard. Yours - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html