(RADIATOR) Question on EAP configuration

Terry Simons galimore at mac.com
Thu Aug 19 20:24:51 CDT 2004 

Hi Matthew,

Here's an example config that works with PEAP and TTLS...

- Terry

LogDir          /usr/local/var/log/radius.log
LogFile         %L/logfile
DbDir           /etc/radiator
Trace           4

AuthPort 1812
AcctPort 1813

<Client 172.16.0.2>
         Secret *********
         DupInterval 0
</Client>

<AuthBy FILE>
     Identifier BY_FILE

     Filename                        %D/users
     EAPType                         TTLS PEAP MSCHAP-V2 LEAP TLS
     EAPTLS_MaxFragmentSize          1000
     EAPTLS_CAFile                   /etc/radiator/certs/root.pem
     EAPTLS_CertificateType          PEM
     EAPTLS_CertificateFile          /etc/radiator/certs/cert-srv.pem
     EAPTLS_PrivateKeyFile           /etc/radiator/certs/cert-srv.pem
     EAPTLS_PrivateKeyPassword       whatever

     EAPTLS_SessionResumption 0
     EAPAnonymous                %0

     # Needed for Mac OS X user support
     EAPTLS_PEAPVersion 0

     AutoMPPEKeys
</AuthBy>

<Handler TunnelledByPEAP=1>
     <AuthBy FILE>
         Filename %D/users

         EAPType MSCHAP-V2
     </AuthBy>
</Handler>

<Handler TunnelledByTTLS=1>
     AuthBy BY_FILE
</Handler>

<Handler>
      AuthBy BY_FILE
</Handler>

On Aug 19, 2004, at 5:35 PM, Matthew Kolbo wrote:

> Hi:
>
> Does anyone have a sample config file for EAP-TLS/TTLS that I can take 
> a
> look at?  I am evaluating this software and I am having some difficulty
> getting the thing to kick over.  Basically, I am in an educational
> environment trying to use a Radius server to authenticate laptops.  I 
> have
> Senao A/G APs that support only EAP authentication.  All I need to 
> have this
> do is authenticate clients (Windows 802.1x preferred engine) and I 
> would
> like to use Dynamic WEP as well.  Flat file is fine.  Thanks for the 
> help.
>
> Matt
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list