I'm trying to setup wired clients to authenticate with EAP-TLS on a Catalyst 2950, I put together a test setup using the configs on my freeRADIUS server taken from another which is working with EAP-TLS over wireless, the requests are being passed through to the server but the authentication is still failing, could anyone give me some advice? Logs and configs included below......
My current setup is:
FreeRADIUS server - Fedora Core 6, freeradius-1.1.3-2.fc6, freeradius-mysql-1.1.3-2.fc6
Cisco Catalyst 2950 - IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(22)EA9, RELEASE SOFTWARE (fc1) - c2950-i6q4l2-mz.121-22.EA9.bin
Laptop - OpenSUSE 10.2
I followed the guide to setting up 802.1x auth on the switch from the 2950 docs and from here:
http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWTO (although I'm not using Windows, so only the switch config is relevant)
"select * from nas" (comma seperated to make it easier):
1,10.10.0.9/32,Catalyst,cisco,NULL,<secret>,NULL Catalyst 2950
wpa_supplicant.conf on laptop:
Outputs of the radiusd and wpa_supplicant are attached...