Yeah, i think radius doesn't even boot if there is something wrong with certs. I checked firewalls, routing tables, etc. and no problem there.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Oh my god, now i opened up brand new Linksys router, installed dd-wrt on it and plugged it into my first freeradius server, that worked already. And now it doesn't get past the Access-Challenge! Please help me, what could be wrong? I used tcpdump to make sure, AP is sending nothing but
SOLVED! Problem is, Lynksys v5.1 can use only DD-WRT 23 sp1 MICRO - micro version is cousing problems! I used Lynksys v7 (thanks god i have plenty of those with different versions on dispossial :P) with original FW and it works!
-
List info/subscribe/unsubscribe? See
Hello, it's me again, did you miss me? :)Thing is, i tried to make 2nd freeradius server (eap-peap,mschapv2,openldap), with same setup and i configured it exact same way, but i get this when i try to connect:
rad_recv: Access-Request packet from host 192.168.1.1:3079, id=0, length=121 User-Name =
Wohoo it works now :D Clear text password in LDAP worked like a charm now (dunno why i had problems with it in the past) :P Thank you all guys 10x!!!
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ok i really don't get it. I made all certificates myself using only
openssl (no scripts) and entered path to them in TLS part of the
eap.conf file. CA, server cert.., everything is there in the same
directory (in my case - CERTS, with big letters) (how would i sign
certificate if i wouldn't create
Yes yes, i understand, this works now :) I copied CA public key to wireless client and now it works. Now i only get this error:
rlm_mschap: No User-Password configured. Cannot create LM-Password.
rlm_mschap: No User-Password configured. Cannot create NT-Password.
rlm_mschap: Told to do
Requests prior to #4 are missing becouse i tried to connect multiple
times, and i didn't want to paste same thing twice. Then everything got
corrupted, becouse i had to paste it by pieces in the gmail and it
really got messed up. So here is the example of full (pasted with care
:p) radius log:
I get Access-Reject, whole debug log is here:
rad_recv: Access-Request packet from host 192.168.1.1:3072, id=0, length=236
User-Name = test
NAS-IP-Address = 192.168.1.1
Called-Station-Id = 00401013
Calling-Station-Id = 000e3557c74e
NAS-Identifier = 00401013
NAS-Port = 30
Ok, let me try to get that straight - i can't use ldap in authorization section of radiusd.conf (or in users file) and connect to radius with WinXP client. But i can use something else instead and still connect to radius with ldap accounts, right?
John wrote:However, in my LDAP directory, it
Ok, i'm back on this case. I didn't have time to work on it past few days. The debug log you posted hows that you set Auth-Type := LDAP.
Don't do that. Alan DeKok.I have that set in users file:--DEFAULT Auth-Type := LDAPFall-Through = 1
11 matches
Mail list logo
