On 08/22/2011 10:38 PM, Roberto Carlos wrote: Hello Roberto,
> Hello, I've installed an evaluation version of Radiator and need to test > 802.1x authentication on our Aruba wireless network using EAP-TTLS as the EAP > method. > > We currently have a solution using PEAP-GTC up and running via a Cisco ACS > (4.1 code), but are experiencing stability problems using that EAP type with > the Mac OS 10.5 and 10.6 supplicant. Our ACS doesn't support EAP-TTLS, hence > the Radiator trial. Our current design hands-off the auth request to our LDAP > server (OpenLDAP) for verification and we'd like to implement the same > scenario here, but substituting EAP-TTLS. Radiator should work well with EAP-TTLS and Macs. I see no problems with Aruba either. > I've found a useful EAP-TTLS configuration guide for Interlink RAD-Series > RADIUS Server here > http://www.interlinknetworks.com/app_notes/eap-peap.htm > > and am wondering if a similar config guide exists for Radiator. That or any > other suggestions to get my trial started would be most appreciated. You may want to see goodies/eap_multi.cfg in the Radiator distribution. TTLS authentication hits first the <Handler> clause. This clause takes care of establishing the TLS tunnel. Once the tunnel is ready, <Handler TunnelledByTTLS=1> takes care of the inner authentication. Instead of <AuthBy FILE> you would use <AuthBy LDAP2> with the inner Handler. For LDAP configuration, please see goodies/ldap.cfg The reference manual will also be useful for checking the configuration options. This should get you started. Please let us know how it goes. Thanks! Heikki -- Heikki Vatiainen <[email protected]> Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
