[Freeipa-users] FreeRadius and FreeIPA
Randy Morgan
randym at chem.byu.edu
Wed Dec 9 14:52:04 UTC 2015
Hello,
We are setting up our wireless to authenticate against FreeRadius and
FreeIPA. I am looking for any instructions on how to integrate radius
with IPA. We can get them talking via kerberos, but when we have a
wireless client attempt to authenticate against them, the password gets
stripped out and only the username gets passed on, resulting in a failed
logon attempt.
As we have studied the problem we have identified the communication
protocols used by wireless to pass on the user credentials to radius.
Wireless uses EAP as it's primary protocol. We are running Xirrus
wireless APs and from what we can learn, they act only as a pass through
conduit for the client. Ideally we would like them to speak PEAP TTLS,
this would allow kerberos to process from the client to the IPA server,
we are still researching this.
Are there any instructions on how to integrate FreeRadius 3.0.10 with
FreeIPA 3.3.5? Any help would be appreciated.
Randy
--
Randy Morgan
CSR
Department of Chemistry and Biochemistry
Brigham Young University
801-422-4100
More information about the Freeipa-users
mailing list