(RADIATOR) Cisco WLAN, LDAP OS X
Urs Landis
urs.landis at mac.com
Sun Feb 27 03:20:48 CST 2005
Hi all,
I am trying to make a config for the following:
A WLAN client connects to a Cisco access point, which connects to
Radiator.
Radiator should:
1. Check the MAC address against a local list,
2. Check the username and password against a Mac OS X LDAP server,
3. Send feedback to the access point with the VLAN ID (not yet implemented in my
config; how can I do that?)
And this should work with TTLS, LEAP, .... (in my config now just TTLS)
So far the local test tool works with the LDAP server and the
MAC address test, but it doesn't work with the WLAN clients.
I have copied my config below; what is missing in it?
Best regards
Urs Landis
ICT
Kantonsschule
Hohe Promenade
Promenadengasse 11
CH-8001 Zürich
Config:
Foreground
LogStdout
LogDir /var/log/radius
DbDir /etc/radiator
# Use a lower trace level in production systems:
Trace 4

<Client DEFAULT>
    Secret xyxyxyxxy
    DupInterval 0
</Client>

<AuthBy FILE>
    Identifier CheckMACAddress
    Filename %D/addresses.mac
    AuthenticateAttribute Calling-Station-Id
    EAPType TTLS
    EAPTLS_CAFile %D/certificates/demoCA/cacert.pem
    EAPTLS_CertificateFile %D/certificates/cert-srv.pem
    EAPTLS_CertificateType PEM
    EAPTLS_PrivateKeyFile %D/certificates/cert-srv.pem
    EAPTLS_PrivateKeyPassword whatever
    EAPTLS_MaxFragmentSize 1000
    AutoMPPEKeys
</AuthBy>

<AuthBy LDAP2>
    Identifier CheckLDAP
    Host xxx.yyy.xxx.yyy
    BaseDN dc=yyyyy, dc=xxx
    Version 3
    UsernameAttr uid
    ServerChecksPassword
    SearchFilter (&(uid=%1)(buildingName=WLAN))
</AuthBy>

<Handler DEFAULT>
    AuthBy CheckMACAddress
</Handler>
Kind regards
Urs Landis
ICT
Kantonsschule
Hohe Promenade
Promenadengasse 11
CH-8001 Zürich
Tel: 044 - 268 36 29
Nat: 079 - 400 40 01
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.