Mon Dec 12 06:17:50 PST 2005
On Mon, Dec 12, 2005 at 11:40:29AM +0100, Norbert Wegener wrote:
> I have setup freeradius for 802.1x port authentication at a cisco switch
> with eap-tls and an appended look into an ad-server to get needed values
> form there. This works without problems.
> Now I want to do some automated tests using eapol_test instead of the
> cisco switch.
> Therefore I setup this configfile file:
> phase1="TLS tunnel"
This option is not a valid paramter for wpa_supplicant. It is just
ignored, though, so it shouldn't break anything.
> freeradius receives:
> ad_recv: Access-Request packet from host 188.8.131.52 port 32777,
> id=0, length=204
> User-Name = "myid"
> EAP-Message =
> but does not start an eap-tls authentication. Instead it directly
> searches the AD server.
This sounds like a configuration issue on the FreeRADIUS end of the
connection, so I would recommend going through its configuration and
asking on freeradius-users mailing list, if needed. Maybe that
User-Name is not configured to use EAP authentication.
Jouni Malinen PGP id EFC895FA
More information about the Hostap