Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Aironet 1600 + Freeradius + openLDAP

Hi at all,

i need to know if is possible to have this kind of configurations, because I'm going crazy to test it and nothing work.

I've freeradius attached to OpenLDAP with user and password crypted with SSHA, but the Aironet don't want to authenticate to freeradius, here the log :

rad_recv: Access-Request packet from host port 1645, id=102, length=154

        User-Name = "testwifi"

        Framed-MTU = 1400

        Called-Station-Id = "1C-1D-80-A0-00-00:AP-CISCO"

        Calling-Station-Id = "0000.2090.cd20"

        Service-Type = Login-User

        Message-Authenticator = 0x52b5013dd2f39a99a33ff83d7277cb71

        EAP-Message = 0x025400d0174657374223496669

        NAS-Port-Type = Wireless-802.11

        NAS-Port = 507

        NAS-Port-Id = "507"

        NAS-IP-Address =

        NAS-Identifier = "ap-p0"

# Executing section authorize from file /etc/freeradius/sites-enabled/default

+- entering group authorize {...}

[ldap] performing user authorization for testwifi

[ldap]  expand: (uid=%u) -> (uid=testwifi)

[ldap]  expand: dc=ldapserver,dc=com -> dc=ldapserver,dc=com

  [ldap] ldap_get_conn: Checking Id: 0

  [ldap] ldap_get_conn: Got Id: 0

  [ldap] attempting LDAP reconnection

  [ldap] (re)connect to, authentication 0

  [ldap] bind as / to

  [ldap] waiting for bind result ...

  [ldap] Bind was successful

  [ldap] performing search in dc=ldapserver,dc=com , with filter (uid=testwifi)

[ldap] No default NMAS login sequence

[ldap] looking for check items in directory...

  [ldap] userPassword -> Password-With-Header == "123456"

[ldap] looking for reply items in directory...

[ldap] user testwifi authorized to use remote access

  [ldap] ldap_release_conn: Release Id: 0

++[ldap] returns ok

ERROR: No authenticate method (Auth-Type) found for the request: Rejecting the user

Failed to authenticate the user.

Login incorrect: [testwifi] (from client port 507 cli0000.2090.cd20)

someone can help me ?

Thanks in advice.


CreatePlease login to create content