From owner-freebsd-wireless@FreeBSD.ORG  Thu May 21 17:13:10 2015
Return-Path: <owner-freebsd-wireless@FreeBSD.ORG>
Delivered-To: freebsd-wireless@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 6638C4D9
 for <freebsd-wireless@freebsd.org>; Thu, 21 May 2015 17:13:10 +0000 (UTC)
Received: from mail-wi0-x229.google.com (mail-wi0-x229.google.com
 [IPv6:2a00:1450:400c:c05::229])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id EE1961A55
 for <freebsd-wireless@freebsd.org>; Thu, 21 May 2015 17:13:09 +0000 (UTC)
Received: by wicmx19 with SMTP id mx19so22139843wic.0
 for <freebsd-wireless@freebsd.org>; Thu, 21 May 2015 10:13:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=message-id:date:from:user-agent:mime-version:to:cc:subject
 :references:in-reply-to:content-type:content-transfer-encoding;
 bh=0kfVbqVilRa1slQl/caxWcXCdT+gOqHwazabGcGbDEU=;
 b=hbooJPqhL30ii0DGkF0sNCxQWEyhNeCNKsmorQIQVf6aQOPWnGFXNg3+J2nS7jc17S
 r3drjQVAK0PTr3Yq3sbAySXYW64MPiVI5/ZBmiatFLV1ZFo24Cj0Q3Wjxfm3PmE4dDKG
 Zd67i07kzxfUnEIQdQ8vBFew85wnnTNqWjP1LWpJoAghQS/Jr23+dEI3Sic4OQskpkhQ
 W0zhN7eB8bzI3XHK5oLRIhDiGWEXOeqrnPKVzb3JQHWhdR6H9e8DEkMSSkLqKpaO2rnl
 IrJAirfpCKWXkUYtUjqzz4kIX2JsKJl3y7OnYlErM0YaKEpS6BXku5ZVz8RmBjgoM9ln
 MdRQ==
X-Received: by 10.194.63.80 with SMTP id e16mr7287803wjs.56.1432228388451;
 Thu, 21 May 2015 10:13:08 -0700 (PDT)
Received: from ?IPv6:2001:4200:7000:100:590d:7849:477:386a?
 ([2001:4200:7000:100:590d:7849:477:386a])
 by mx.google.com with ESMTPSA id pd7sm24252283wjb.27.2015.05.21.10.13.07
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Thu, 21 May 2015 10:13:07 -0700 (PDT)
Message-ID: <555E121C.9050303@gmail.com>
Date: Thu, 21 May 2015 19:13:00 +0200
From: Johann <jhugo.meraka@gmail.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
 rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: Willem@Offermans.Rompen.nl
CC: freebsd-wireless@freebsd.org
Subject: Re: hostapd + freeradius can't connect
References: <01e701d08d75$fed02bd0$fc708370$@gmail.com>
 <CAJ-VmokxL6Zz=K2p9zeg84_EF5zr6Kk4mWv=oxt2FA59JktA0w@mail.gmail.com>
 <003c01d08dbe$6018b900$204a2b00$@gmail.com>
 <CAJ-Vmo=anQCxvHq1jCR9bNk2OCjfye5gV_74jeWcr+OdBd1WWw@mail.gmail.com>
 <555CB658.6040103@gmail.com> <555CC261.8080505@gmail.com>
 <20150521083957.GB5453@vpn.offrom.nl>
In-Reply-To: <20150521083957.GB5453@vpn.offrom.nl>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
X-BeenThere: freebsd-wireless@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: "Discussions of 802.11 stack,
 tools device driver development." <freebsd-wireless.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-wireless>, 
 <mailto:freebsd-wireless-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-wireless/>
List-Post: <mailto:freebsd-wireless@freebsd.org>
List-Help: <mailto:freebsd-wireless-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-wireless>, 
 <mailto:freebsd-wireless-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 21 May 2015 17:13:10 -0000



On 2015/05/21 10:39 AM, Willem Offermans wrote:
> Dear FreeBSD friends,
>
> Sorry to interrupt here, but I got triggered by this e-mail thread.
>
> Do I understand correctly that it is possible to connect hostapd with
> FreeRadius and OpenLDAP?
Yes.

> Would it be possible to do the authentication of
> wireless access over the ldap server?
Yes

> If yes, do I need FreeRadius to
> intermediate between hostapd and OpenLDAP?
Yes
>
> Is there some documentation around to setup hostapd + OpenLDAP or hostapd +
> FreeRadius + OpenLDAP under FreeBSD?
No

>
> Sorry, to interrp
>
> On Wed, May 20, 2015 at 07:20:33PM +0200, Johann wrote:
>> On 2015/05/20 06:29 PM, Johann wrote:
>>> On 2015/05/16 08:03 AM, Adrian Chadd wrote:
>>>> Hi,
>>>> Has this ever worked?
>>> Yes.
>>>
>>> I got it working in April 2012 on FreeBSD 8 and 9. I've used a
>>> FreeRadius server and a FreeBSD client with wpa_supplicant to test
>>> it.
>>>
>>> At that stage you had to enable the eap_server when you compile hostapd
>>>
>>> # echo HOSTAPD_CFLAGS+=-DEAP_SERVER >> /etc/src.conf
>>> # cd /usr/src/usr.sbin/wpa/hostapd
>>> # make
>>> # make install
>>>
>>> but Bernhard Schmidt fixed it so that EAP_SERVER was enabled by default.
>>>
>>>
>>> Here is the configs that I used:
>>>
>>> rc.conf
>>> hostname="AP-vlan"
>>> wlans_ath0="wlan0"
>>> create_args_wlan0="wlanmode hostap country ZA"
>>> ifconfig_wlan0="146.64.5.5/24 mode 11g channel 6"
>>> defaultrouter="146.64.5.1"
>>> hostapd_enable="YES"
>>> cloned_interfaces="bridge0"
>>> ifconfig_bridge0="addm sis0 addm wlan0 up"
>>> ifconfig_sis0="up"
>>>
>>>
>>> hostapd.conf
>>> interface=wlan0
>>> ctrl_interface=/var/run/hostapd
>>> ctrl_interface_group=wheel
>>> ssid=testAP
>>> hw_mode=g
>>> channel=6
>>>
>>> wpa=1
>>> wpa_pairwise=CCMP TKIP
>>> wpa_key_mgmt=WPA-EAP
>>> wpa_pairwise=TKIP CCMP
>>> rsn_pairwise=CCMP
>>>
>>> Hope it helps
>>>
>>> Regards
>>> Johann
>>> _______________________________________________
>>> freebsd-wireless@freebsd.org mailing list
>>> http://lists.freebsd.org/mailman/listinfo/freebsd-wireless
>>> To unsubscribe, send any mail to
>>> "freebsd-wireless-unsubscribe@freebsd.org"
>>>
>> Looks like this part of hostapd.conf got lost.
>>
>> ieee8021x=1
>> own_ip_addr=146.64.5.5
>> auth_server_addr=146.64.8.25
>> auth_server_port=1812
>> auth_server_shared_secret=same-as-on-freeradius
>>
>> Johann
>>
>> _______________________________________________
>> freebsd-wireless@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-wireless
>> To unsubscribe, send any mail to "freebsd-wireless-unsubscribe@freebsd.org"