[Freeipa-users] Openwrt-Freeradius-FreeIPA

Johan Vermeulen jameslast29 at gmail.com
Tue May 9 10:36:51 UTC 2017 

Hello All,

not trying to push for an answer here;
but in reply to this post I got a lot of spam that I don't want my wife of
kids to see.

This is only my second post here so I'm just wondering if I'm ending up in
spam because I'm getting this spam
or  if the question is just very far fetched.

Greetings, J.

2017-05-07 20:16 GMT+02:00 Johan Vermeulen <jameslast29 at gmail.com>:

> Hello All,
>
> I have sent the same mail a few days ago, but I think it ended up in
> spam...........
>
> We have FreeIPA running on Centos7
> [root at freeipa03 ~]# cat /etc/*release
> CentOS Linux release 7.2.1511 (Core)
>
> Not fully updated but that is planned.
>
> [root at freeipa03 ~]# yum list installed | grep ipa
> ipa-admintools.x86_64                 4.2.0-15.0.1.el7.centos.19
> @updates
> ipa-client.x86_64                     4.2.0-15.0.1.el7.centos.19
> @updates
> ipa-python.x86_64                     4.2.0-15.0.1.el7.centos.19
> @updates
> ipa-server.x86_64                     4.2.0-15.0.1.el7.centos.19
> @updates
> ipa-server-dns.x86_64                 4.2.0-15.0.1.el7.centos.19
> @updates
> libipa_hbac.x86_64                    1.13.0-40.el7_2.12
> @updates
> python-iniparse.noarch                0.4-9.el7
> @anaconda
> python-libipa_hbac.x86_64             1.13.0-40.el7_2.12
> @updates
> sssd-ipa.x86_64                       1.13.0-40.el7_2.12
> @updates
>
> We are using FreeIPA to authenticate laptops/users, that works great.
> Thank you for making that possible!
>
> Now I bought some Linksys access points and installed Openwrt on them.
> Next I'm following the second part of this wiki:
>
> https://www.freeipa.org/page/Using_FreeIPA_and_FreeRadius_as
> _a_RADIUS_based_software_token_OTP_system_with_CentOS/RedHat_7
>
> starting from : install, configure and test RADIUS server as a frontend to
> IPA.
>
> That works great, up to the point where I can do the radtest:
>
> [root at freeipa03 ~]# radtest test password123 192.168.250.12 1812
> testing1234
> Sending Access-Request Id 26 from 0.0.0.0:44889 to 192.168.250.12:1812
>     User-Name = 'test'
>     User-Password = 'password123'
>     NAS-IP-Address = 192.168.250.12
>     NAS-Port = 1812
>     Message-Authenticator = 0x00
> Received Access-Accept Id 26 from 192.168.250.12:1812 to
> 192.168.250.12:44889 length 20
>
> where user test  is in freeipa and 192.168.250.12 is the vpn address of
> the ipa server.
>
> My question now is: is it possible to have users connect with the
> Linksys/Openwrt access point using username/password from FreeIPA?
> So far I'm not getting past EM:
>
> Error: Ignoring request to auth address * port 1812 as server default from
> unknown client 10.10.20.117 port 55421 proto udp
>
> where 10.10.20.117 is the Openwrt access point.
>
> I added the access point to /etc/radddb/client.conf in a number of ways,
> but nothing changes. Now I'm thinking, because Freeradius now reads from
> FreeIPA,
> it doesn't recognize the access point.
>
> Thanks for any advise.
>
> greetings, J.
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20170509/8a768f3f/attachment.htm>

More information about the Freeipa-users mailing list