![]() ![]() Rad_recv: Access-Accept packet from host 130.225.235.6 port 1812, id=215, length=20īut when I try through the AP, it doesn't fly - while it does confirm that it figures out the NT and LM passwords. ![]() When using radtest, I can connect fine: > radtest testuser "mr2Yx36N" sbhr.dk 0 radius-private-password UserPassword: Z0SwaKO5tuGxgxtceRDjiDGFy6bRL6ja I've created a test user in LDAP, with the password mr2Yx36M - this gives an LDAP entry roughly of: uid: testuser This links to, which is a very worthwhile read if you want to know how WiFi security works.Īfter following the above guide, I've managed to get FreeRADIUS to talk to LDAP: I got a certificate from (you should probably get a "real" cert if possible) I ended up compiling my own FreeRADIUS package yesterday evening - there's a really good recipe at (See the comments to the post for updated instructions). Bummer.īut some useful documentation for anybody interested: Ignoring EAP-Type/peap because we do not have OpenSSL support.īasically the Ubuntu version of FreeRADIUS does not support SSL ( bug 183840), which makes all the secure EAP-types useless. Ignoring EAP-Type/ttls because we do not have OpenSSL support. While I found several useful resources, there is one serious obstacle: Ignoring EAP-Type/tls because we do not have OpenSSL support. So far, our setup is based only on software from the Ubuntu repositories, with exception of our LDAP administration web application and a few small special scripts.I now somebody less knowledgeable than me will eventually take over administration, so the setup has to be as "trivial" as possible.Our AP's are HP's low end enterprise stuff - they seem to support whatever you can think of.We got a separate physical network just for WiFi, so not too many worries about security on that front.I've been looking at FreeRADIUS, but any RADIUS server will do.I got a working LDAP, but as it is not in production use, it can very easily be adapted to whatever changes this project may require.In short, I'm looking for a guide to set RADIUS server to authenticate WPA2 against a LDAP. I'm setting up a wireless network for ~150 users. ![]()
0 Comments
Leave a Reply. |