(RADIATOR) Airport Extreme Base Station with EAP
Terry Simons
galimore at mac.com
Fri Sep 10 11:08:35 CDT 2004
This isn't a problem with the extreme...
You don't have something installed correctly with Radiator.
You definitely don't have all of the pieces configured correctly.
The following configuration will enable TTLS and PEAP, and it does work
with the Airport extreme. If you still get the error messages about
"response_identity" then I suspect you have something wrong with your
installation.
LogDir /usr/local/var/log/radius.log
LogFile %L/logfile
DbDir /etc/radiator
Trace 4
AuthPort 1812
AcctPort 1813
<Client 10.0.0.10>
Secret *********
DupInterval 0
</Client>
<AuthBy FILE>
Identifier BY_FILE
Filename %D/users
EAPType TTLS PEAP MSCHAP-V2 LEAP TLS
EAPTLS_MaxFragmentSize 1000
EAPTLS_CAFile /etc/radiator/certs/root.pem
EAPTLS_CertificateType PEM
EAPTLS_CertificateFile /etc/radiator/certs/cert-srv.pem
EAPTLS_PrivateKeyFile /etc/radiator/certs/cert-srv.pem
EAPTLS_PrivateKeyPassword whatever
EAPTLS_SessionResumption 0
EAPAnonymous %0
# Needed for Mac OS X user support
EAPTLS_PEAPVersion 0
AutoMPPEKeys
</AuthBy>
<Handler TunnelledByPEAP=1>
<AuthBy FILE>
Filename %D/users
EAPType MSCHAP-V2
</AuthBy>
</Handler>
<Handler TunnelledByTTLS=1>
AuthBy BY_FILE
</Handler>
<Handler>
AuthBy BY_FILE
</Handler>
On Sep 10, 2004, at 8:39 AM, Robert Blayzor wrote:
> Can someone shed some light on how to setup an AirPort extreme base
> station to use Radiator as the RADIUS server. (Enterprice WPA)
>
> I have the base station configured and it's sending requests to the
> Radiator server. I install all the mods I needed and I do see the
> requests coming into Radiator, however, I'm not getting auth.
>
> This is what I see in the Radiator log file:
>
> Fri Sep 10 10:04:28 2004: ERR: Could not handle an EAP request: Can't
> locate object method "response_identity" via package "Radius::EAP_25"
> at Radius/EAP.pm line 138.
>
>
> This is what I have in my Radiator config for the Airport:
>
> <Client 10.0.0.10>
> Identifier Foo
> Secret xxxxx
> NasType ignore
> </Client>
>
> <Handler Client-Identifier = Foo>
> <AuthBy FILE>
> Identifier EAP-Users
> Filename %D/eap-users
> EAPType PEAP,TTLS,TLS,MD5
> </AuthBy>
> AcctLogFileName %L/detail
> SessionDatabase Null-SDB
> </Handler>
>
>
> I know I'm probably missing more EAP stuff, but I can't find exactly
> what the Airport Extremem needs. Wondering if someone already has
> this setup and can share, or if someone knows where I can look.
>
> I'm looking for the most simple configuration for EAP without getting
> into certificates if I don't have to.
>
> TIA
>
> --
> Robert
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list