[RADIATOR] PEAP Config
Tamarack Birch-wheeles
tamarack at pdx.edu
Tue Aug 12 17:02:16 CDT 2008
Hello,
I'm trying to get PEAP/MSCHAP-V2 working with LDAP and I'm unable to
get it to work. Here is my current config:
<AuthBy LDAP2>
Identifier LDAPGeneric
Version 3
NoDefault
Host xxxxxxxx
SSLVerify none
UseTLS
BaseDN ou=people, dc=xxx, dc=xxx
Scope subtree
EAPType MSCHAP-V2
UsernameAttr uid
ServerChecksPassword
FailureBackoffTime 15
RejectEmptyPassword
</AuthBy>
<Handler TunnelledByPEAP=1>
AuthByPolicy ContinueUntilAccept
AuthBy LDAPGeneric
<AuthBy RADIUS>
NoDefault
DefaultSimultaneousUse 1
StripFromReply Service-Type
<Host xxxxxxxxxxxxx>
Secret xxxxxxxx
AuthPort 1812
AcctPort 1813
</Host>
</AuthBy>
AuthLog FileAuthLog
AcctLogFileName %L/acct/acctlog-%Y-%m-%d
</Handler>
<Handler Client-Identifier=xxxxxx>
<AuthBy FILE>
Filename /usr/local/etc/radiator/radius.users
EAPType PEAP
EAPTLS_CAFile /usr/local/etc/openssl/certs/
ThawteServerCA.txt
EAPTLS_CertificateFile /usr/local/etc/openssl/certs/
radius1.oit.cert.pem
EAPTLS_CertificateType PEM
EAPTLS_PrivateKeyFile /usr/local/etc/openssl/certs/
radius1.oit.key.pem
EAPTLS_PrivateKeyPassword xxxxxxx
EAPTLS_MaxFragmentSize 1024
AutoMPPEKeys
SSLeayTrace 4
</AuthBy>
AuthLog FileAuthLog
</Handler>
More information about the radiator
mailing list