Hi all,
I need to know if it is possible to have this kind of configuration, because I'm going crazy testing it and nothing works.
I have freeradius attached to OpenLDAP with user and password encrypted with SSHA, but the Aironet doesn't want to authenticate to freeradius. Here is the log:
rad_recv: Access-Request packet from host 192.168.0.1 port 1645, id=102, length=154
User-Name = "testwifi"
Framed-MTU = 1400
Called-Station-Id = "1C-1D-80-A0-00-00:AP-CISCO"
Calling-Station-Id = "0000.2090.cd20"
Service-Type = Login-User
Message-Authenticator = 0x52b5013dd2f39a99a33ff83d7277cb71
EAP-Message = 0x025400d0174657374223496669
NAS-Port-Type = Wireless-802.11
NAS-Port = 507
NAS-Port-Id = "507"
NAS-IP-Address = 192.168.50.1
NAS-Identifier = "ap-p0"
# Executing section authorize from file /etc/freeradius/sites-enabled/default
+- entering group authorize {...}
[ldap] performing user authorization for testwifi
[ldap] expand: (uid=%u) -> (uid=testwifi)
[ldap] expand: dc=ldapserver,dc=com -> dc=ldapserver,dc=com
[ldap] ldap_get_conn: Checking Id: 0
[ldap] ldap_get_conn: Got Id: 0
[ldap] attempting LDAP reconnection
[ldap] (re)connect to ldapserver.server.com:389, authentication 0
[ldap] bind as / to ldapserver.server.com:389
[ldap] waiting for bind result ...
[ldap] Bind was successful
[ldap] performing search in dc=ldapserver,dc=com , with filter (uid=testwifi)
[ldap] No default NMAS login sequence
[ldap] looking for check items in directory...
[ldap] userPassword -> Password-With-Header == "123456"
[ldap] looking for reply items in directory...
[ldap] user testwifi authorized to use remote access
[ldap] ldap_release_conn: Release Id: 0
++[ldap] returns ok
ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user
Failed to authenticate the user.
Login incorrect: [testwifi] (from client 192.168.0.0/16 port 507 cli0000.2090.cd20)
Can someone help me?
Thanks in advance.
Regards