Radius + LDAP + EAP-PEAP
3 Attachment(s)
I read over the freeradius and openldap docs for a day and used a high level procedure at http://vuksan.com/linux/dot1x/802-1x-LDAP.html. I can successuly authenicate to the radius server with simple authenication:
Code:
[root@localhost ~]# echo "User-Name = "jonatstr", Password = "ggsg"" | radclient -x localhost auth testing123 Having problems with EAP-PEAP. I've attached the debug from radius and ldap user. I'm thinkin its something to do with the way Im dealing with windows users (ntpasswords). As you can see, there is a warning indicating possible password problems. TLS tunnel is properly setup, fails on challenges to the client... Thanks in advance... |
So problems is definately in ldap, how I am storing the lm and nm passwords. I can store them in the users as cleartext-passwords and freeradius properly translates them. I'll have to mess with this a bit more ... suggestions still welcome.
|
In the innertunnel config file, I had to ensure ldap was before mschap. all is working now. will try and piece together a final doc to this forum...
|
All times are GMT -5. The time now is 06:36 PM. |