[RADIATOR] 802.1x , EAP error

Heikki Vatiainen hvn at open.com.au
Sat Mar 30 03:40:58 CDT 2013


On 03/30/2013 09:46 AM, Jeffrey Lee wrote:

> If I'm trying to relay an 802.1x authentication to another proxy AAA
> server, can I just proxy without processing EAP request (to find the
> inner EAP request info?)

Try this:

<Handler EAP-Message=/.+/>
  <AuthBy RADIUS>
...

This will proxy all EAP messages to the next hop server.

> On this radiator server, I'm trying to authenticate a normal AAA request
> locally, and 802.1x request will be forwarded to another server. Is
> there any server config samples for this? I've looked in the goodies but
> can't find something similar to my intended setup.

Arranging the Handlers should do the trick.

# Proxy all EAP
<Handler EAP-Message=/.+/>
...
</Handler>

# Process the rest of the messages here
<Handler>
...

Thanks,
Heikki


> On Wed, Mar 27, 2013 at 12:32 AM, Heikki Vatiainen <hvn at open.com.au
> <mailto:hvn at open.com.au>> wrote:
> 
>     On 03/26/2013 10:11 AM, Jeff Lee wrote:
> 
>     > I'm trying to setup 802.1x authentication using EAP-PEAP but been
>     > struggling for a few days with no idea how to resolve this.
>     > Below is the log and where I bold it…. it says, "* ERR: Could not load
>     > EAP module Radius::EAP_25: Can't locate Net/SSLeay.pm in @INC*"
> 
>     Yes, this is the reason. You need to install Net::SSLeay so that radiusd
>     can access SSL libraries.
> 
>     > Can someone point me to some direction to fix this error before I dive
>     > into the radius.cfg file again?
> 
>     On Debian, Ubuntu and related install libnet-ssleay-perl package. On
>     RedHat and Centos you need to install perl-Net-SSLeay. As you can see
>     the actual distribution package names varies from system to system.
> 
>     Thanks,
>     Heikki
> 
>     --
>     Heikki Vatiainen <hvn at open.com.au <mailto:hvn at open.com.au>>
> 
>     Radiator: the most portable, flexible and configurable RADIUS server
>     anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>     Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
>     TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>     DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
>     NetWare etc.
>     _______________________________________________
>     radiator mailing list
>     radiator at open.com.au <mailto:radiator at open.com.au>
>     http://www.open.com.au/mailman/listinfo/radiator
> 
> 


-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.


More information about the radiator mailing list