Zentyal Forum, Linux Small Business Server

Zentyal Server => Installation and Upgrades => Topic started by: jjonathan313 on February 05, 2013, 10:30:03 pm

Title: Issues with RADIUS
Post by: jjonathan313 on February 05, 2013, 10:30:03 pm

Hello,

I'm fairly new to Zentyal, about a year now. At my small business it has been decided that we would like a little bit more security for our wireless. Therefore it was decided to use a RADIUS server for secure authentication. However after configuring the RADIUS clients (see the clients attachment) and adding users (see users attachment). I am still having issues connecting the machine to the wireless. I'm using the default Windows wireless client, and disabled the server authentication and disabled using my windows credentials.  I know that I have the proper config on my router (see router attachment) and I am getting a few errors in the freeRADIUS log (see log attachment). Any idea what i'm doing wrong? Please help.

Server-Zentyal 3.0
Clients-Windows 7 Professional, Windows 8 Professional, Android 4.0, iPad and iPod touch on iOS 6

Title: Re: Issues with RADIUS
Post by: jjonathan313 on February 07, 2013, 03:58:06 pm

I should probably state my intentions, i have a router that is capable of WPA2 enterprise with AES encryption, and it has been established that we want MSCHAP-V2 for our authentication, and we have approximately 12 users. Does anyone have a how-to guide or an example of how they set this up? Help please. Thank you

Title: Re: Issues with RADIUS
Post by: christian on February 07, 2013, 04:18:33 pm

Did you already check LDAP log to check LDAP request done by Radius server?

Title: Re: Issues with RADIUS
Post by: jjonathan313 on February 07, 2013, 04:40:02 pm

i did not, where is that log located?

Title: Re: Issues with RADIUS
Post by: christian on February 07, 2013, 04:56:01 pm

syslog but you will have to increase LDAP log level first.

Title: Re: Issues with RADIUS
Post by: jjonathan313 on February 07, 2013, 04:58:47 pm

ok, not a problem, where would i change that at?

Title: Re: Issues with RADIUS
Post by: jjonathan313 on February 08, 2013, 06:11:30 pm

Does anyone have a setup that worked for them with WPA2 enterprise?
Thank you

Title: Re: Issues with RADIUS
Post by: christian on February 08, 2013, 06:24:18 pm

You have to (LDAP) change oclloglevel value in cn=config

BTW, is your question related to Zentyal server or desktop (you're currently in desktop section while it looks like server related isn't it?)

Title: Re: Issues with RADIUS
Post by: jjonathan313 on February 08, 2013, 06:30:18 pm

Yes, i noticed that. Sorry

Title: Re: Issues with RADIUS
Post by: jjonathan313 on February 08, 2013, 06:53:10 pm

here is the log from syslog with ldap loggin

Title: Re: Issues with RADIUS
Post by: wilhelmdup on March 06, 2013, 09:43:35 pm

Did you get this working?

Title: Re: Issues with RADIUS
Post by: half_life on March 07, 2013, 02:01:41 am

Check here for a probable fix   http://forum.zentyal.org/index.php/topic,12863.0/topicseen.html (http://forum.zentyal.org/index.php/topic,12863.0/topicseen.html)

I went through the same problem along with another user on this forum (Thorsten) here  http://forum.zentyal.org/index.php/topic,13580.0.html (http://forum.zentyal.org/index.php/topic,13580.0.html)

It is a 3 second fix if it is the same problem.

Title: Re: Issues with RADIUS
Post by: mburillo on March 19, 2013, 05:07:57 pm

Hello all,

I have just tried with Ubuntu and android clients and it works flawlessly, though I recall having some problems making it work with Win7...

Title: Re: Issues with RADIUS
Post by: mburillo on March 19, 2013, 07:14:44 pm

BTW:

Using Tunneled TLS (or TTLS) as EAP protocol
and PAP for Step 2.

No client cert needed.

Regards!

Title: Re: Issues with RADIUS
Post by: half_life on March 19, 2013, 11:15:05 pm

Sorry,  your suggested fix was a non starter here.  I had already tried those combinations.  The fix in the link above did the trick.