[Freeipa-users] Openwrt-Freeradius-FreeIPA
Johan Vermeulen
jameslast29 at gmail.com
Sun May 7 18:16:00 UTC 2017
Hello All,
I sent the same mail a few days ago, but I think it ended up in
spam...
We have FreeIPA running on CentOS 7:
[root@freeipa03 ~]# cat /etc/*release
CentOS Linux release 7.2.1511 (Core)
Not fully updated but that is planned.
[root@freeipa03 ~]# yum list installed | grep ipa
ipa-admintools.x86_64        4.2.0-15.0.1.el7.centos.19   @updates
ipa-client.x86_64            4.2.0-15.0.1.el7.centos.19   @updates
ipa-python.x86_64            4.2.0-15.0.1.el7.centos.19   @updates
ipa-server.x86_64            4.2.0-15.0.1.el7.centos.19   @updates
ipa-server-dns.x86_64        4.2.0-15.0.1.el7.centos.19   @updates
libipa_hbac.x86_64           1.13.0-40.el7_2.12           @updates
python-iniparse.noarch       0.4-9.el7                    @anaconda
python-libipa_hbac.x86_64    1.13.0-40.el7_2.12           @updates
sssd-ipa.x86_64              1.13.0-40.el7_2.12           @updates
We are using FreeIPA to authenticate laptops/users, that works great. Thank
you for making that possible!
Now I bought some Linksys access points and installed OpenWrt on them.
Next I'm following the second part of this wiki:
https://www.freeipa.org/page/Using_FreeIPA_and_FreeRadius_as_a_RADIUS_based_software_token_OTP_system_with_CentOS/RedHat_7
starting from: install, configure and test RADIUS server as a frontend to
IPA.
That works great, up to the point where I can do the radtest:
[root@freeipa03 ~]# radtest test password123 192.168.250.12 1812 testing1234
Sending Access-Request Id 26 from 0.0.0.0:44889 to 192.168.250.12:1812
User-Name = 'test'
User-Password = 'password123'
NAS-IP-Address = 192.168.250.12
NAS-Port = 1812
Message-Authenticator = 0x00
Received Access-Accept Id 26 from 192.168.250.12:1812 to 192.168.250.12:44889 length 20
where user test is in FreeIPA and 192.168.250.12 is the VPN address of the
IPA server.
My question now is: is it possible to have users connect with the
Linksys/OpenWrt access point using username/password from FreeIPA?
So far I'm not getting past EM:
Error: Ignoring request to auth address * port 1812 as server default from unknown client 10.10.20.117 port 55421 proto udp
where 10.10.20.117 is the OpenWrt access point.
I added the access point to /etc/radddb/client.conf in a number of ways,
but nothing changes. Now I'm thinking, because FreeRADIUS now reads from
FreeIPA,
it doesn't recognize the access point.
Thanks for any advice.
greetings, J.
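
An added example, not part of the original post or of the FreeIPA wiki: a small Python check that reads clients.conf-style text and reports which client block, if any, covers a given source address, which is the lookup behind the "unknown client" error quoted above. The sample configuration, client names and secrets are constructed placeholders; hostnames in ipaddr are not resolved, and nested sub-sections inside a client block are assumed to come after the address lines.

```python
import ipaddress
import re

# Constructed sample in clients.conf syntax; names and secrets are placeholders.
SAMPLE_CLIENTS_CONF = """
client vpn-self {
    ipaddr = 192.168.250.12
    secret = CHANGE_ME
}
client lab-net {            # legacy two-line form
    ipaddr = 10.10.30.0
    netmask = 24
    secret = CHANGE_ME
}
# client openwrt-ap {       # commented out, so it does not count
#     ipaddr = 10.10.20.117
#     secret = CHANGE_ME
# }
"""

CLIENT_RE = re.compile(r"^\s*client\s+(\S+)\s*\{(.*?)\}", re.S | re.M)
ADDR_RE = re.compile(r"^\s*(?:ipaddr|ipv4addr|ipv6addr)\s*=\s*(\S+)", re.M)
MASK_RE = re.compile(r"^\s*netmask\s*=\s*(\d+)", re.M)


def parse_clients(text):
    """Return [(name, network)] for every client block with a literal address."""
    text = "\n".join(line.split("#", 1)[0] for line in text.splitlines())
    clients = []
    for name, body in CLIENT_RE.findall(text):
        addr, mask = ADDR_RE.search(body), MASK_RE.search(body)
        if not addr:
            continue
        value = addr.group(1)
        if mask and "/" not in value:
            value = f"{value}/{mask.group(1)}"
        try:
            clients.append((name, ipaddress.ip_network(value, strict=False)))
        except ValueError:
            continue  # hostname or wildcard: not resolved in this example
    return clients


def match_client(text, src_ip):
    """Most specific client covering src_ip, or None ("unknown client")."""
    ip = ipaddress.ip_address(src_ip)
    hits = [(net.prefixlen, name) for name, net in parse_clients(text)
            if net.version == ip.version and ip in net]
    return max(hits)[1] if hits else None
```

To check a live server, pass the contents of the clients.conf that radiusd actually loads instead of the sample, and use the source address from the error line.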