Hello Joao,
You should be able to use PEAP and AuthBy LDAP2 together without any problems.
You should note that because PEAP uses non-reversible encryption, your LDAP
database will need to contain the correct plaintext password, and Radiator to
configured to get that password (ie not using ServerChecksPassword).
So, you should be able to use something like this (not tested)
<Handler>
<AuthBy LDAP2>
# Standard LDAP parameters:
Host localhost
AuthDN cn=Manager, dc=my-domain, dc=com
AuthPassword secret
BaseDN dc=my-domain, dc=com
UsernameAttr cn
PasswordAttr userPassword
# EAP support for PEAP
EAPTypes PEAP
EAPTLS_CAFile %D/certificates/demoCA/cacert.pem
EAPTLS_CertificateFile %D/certificates/cert-srv.pem
EAPTLS_CertificateType PEM
EAPTLS_PrivateKeyFile %D/certificates/cert-srv.pem
EAPTLS_PrivateKeyPassword whatever
EAPTLS_MaxFragmentSize 1000
AutoMPPEKeys
</AuthBy>
</Handler>
As usual, if you are having problems making it work, please post your config
file (no secrets) and a log file at trace level 4.
Cheers.
On Wed, 4 Jun 2003 01:03 am, Joao Martins wrote:
> Hi!
>
> I'm having a problem:
>
> I've configured radius.cfg to authenticate my users by external
> database - LDAP. I don't have any problems here!
> I've configured other radius.cfg to use PEAP, with a local users
> file. I don't have any problems here too!
>
> I'm trying to use PEAP and LDAP together, without any success.
>
> Can anyone give me some hints on how to get it work, or radius.cfg
> examples?
>
> I've tried many different configurations... and nothing!
>
> Thanks in advance.
>
>
> Regards,
>
>
> Jo�o Martins
>
> =======================================================================
> Centro de Inform�tica e Comunica��es Email: [EMAIL PROTECTED]
> Universidade de Aveiro Phone: +351 234 370099
> 3810-193 Aveiro Ext: 22299
> Portugal Web: http://www.cic.ua.pt/
>
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on [EMAIL PROTECTED]
> To unsubscribe, email '[EMAIL PROTECTED]' with
> 'unsubscribe radiator' in the body of the message.
--
Mike McCauley [EMAIL PROTECTED]
Open System Consultants Pty. Ltd Unix, Perl, Motif, C++, WWW
24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au
Phone +61 3 9598-0985 Fax +61 3 9598-0955
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP etc on Unix, Windows, MacOS etc.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.
