Login or Register to Ask a Question and Join Our Community


IP Networking

Wpa_cli with Radius

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums IP Networking Wpa_cli with Radius
# 1  
Old 05-16-2013
Wpa_cli with Radius
Hello everyone, I have a question in regards to connecting with wpa_cli to a Radius server. I can connect fine through WPA Enterprise and WPA2 Enterprise, but I'm lost on trying to connect to Radius.

wpa_cli -iwlan0 set_network 0 ssid '"ssid"'
wpa_cli -iwlan0 set_network 0 key_mgmt WPA-EAP
wpa_cli -iwlan0 set_network 0 proto WPA2
wpa_cli -iwlan0 set_network 0 eap PEAP
wpa_cli -iwlan0 set_network 0 identity '"1234"'
wpa_cli -iwlan0 set_network 0 password '"1234"'
wpa_cli -iwlan0 set_network 0 phase1 '"peaplabel=0"'
wpa_cli -iwlan0 set_network 0 phase2 '"MSCHAPV2"'

Status shows this:
Supplicant PAE state=DISCONNECTED
suppPortStatus=Unauthorized
EAP state=DISABLED
selectedMethod=25 (EAP-PEAP)


Thank you
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. AIX

Radius client on AIX

Hi, I want to authenticate my AIX 6.1 with linux server to successfully implement 2 factor authentication but I am not getting relevant documents on AIX as well as pam radius modules to proceed further. Please help me further. Regards, Rupesh Basnet (2 Replies)
Discussion started by: roopeess
2 Replies

2. UNIX for Dummies Questions & Answers

Radius

Hi all I have no idea what I am doing, I think I am learning...the previous linux admin left the company and I volunteered to help. My first task is to create a user (X) account in the radius. I was able to do that.. This user (X) will be login in to a cisco device same as user (Z) . ... (3 Replies)
Discussion started by: ciscosteps
3 Replies

3. UNIX for Dummies Questions & Answers

Why use RADIUS for authentication as there are many ways to do it ?

I guess I probably ask a dumb question but why use RADIUS for authentication as there are many ways to do it, as authentication is basically a user/password check? What is the benifit(s) of using it ? Thanks! (3 Replies)
Discussion started by: qiulang
3 Replies

4. Red Hat

RADIUS server for SSH authorization

Good day to anyone. I need your help. I want to create a centralization server for authorization my users via SSH connections. My manager suggested me a RADIUS + PAM, but frankly speaking I read a lot information about these and understood one thing - RADIUS could work only with password... (0 Replies)
Discussion started by: jess_t03
0 Replies

5. UNIX for Advanced & Expert Users

Free Radius Configuration question

Solaris 10 on an X86 box - Config runs fine has a couple of items in log (really long log file). When I try make I get make: Fatal error in reader: Make.inc, line 84: Unexpected end of line seen line 84 is LIBRADIUS_WITH_OPENSSL = 1 any ideas on what to try? (1 Reply)
Discussion started by: NeedLotsofHelp
1 Replies

6. Cybersecurity

Free Radius Software (GNU)

hi i have heared that there is a package called freeradius used for authenticating!!! actually i want to learn more about it but i cant find details on how to use it? is it based on client server model i.e should i have to install in both client and the server machines ? i am... (2 Replies)
Discussion started by: u.n.i.x
2 Replies

7. AIX

AIX and radius authentication

We want to use RADIUS to authenticate our AIX server logins. Can anybody tell me how to set on AIX server up to use a Radius server to authenticate or point me to documentation on setting up AIX to use Radius to authenticate user login. Our problem is that we have a few users that access our... (1 Reply)
Discussion started by: daveisme
1 Replies

8. UNIX for Advanced & Expert Users

radius+ldap

I need your help on how to integrate radius authentication with LDAP users database?? (0 Replies)
Discussion started by: mm00123
0 Replies

9. Solaris

RADIUS package for solaris

hi everybody am looking for radius package for solaris i am finding this link : FreeRADIUS -- Downloads , but i am not sure that will work with solaris 10 , can you have any idea to help me ?? (2 Replies)
Discussion started by: lid-j-one
2 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

authen::radius

Radius(3pm)						User Contributed Perl Documentation					       Radius(3pm)

NAME

       Authen::Radius - provide simple Radius client facilities

SYNOPSIS

	 use Authen::Radius;

	 $r = new Authen::Radius(Host => 'myserver', Secret => 'mysecret');
	 print "auth result=", $r->check_pwd('myname', 'mypwd'), "
";

	 $r = new Authen::Radius(Host => 'myserver', Secret => 'mysecret');
	 Authen::Radius->load_dictionary();
	 $r->add_attributes (
		       { Name => 'User-Name', Value => 'myname' },
		       { Name => 'Password', Value => 'mypwd' },
       # RFC 2865 http://www.ietf.org/rfc/rfc2865.txt calls this attribute
       # User-Password. Check your local RADIUS dictionary to find
       # out which name is used on your system
       #	       { Name => 'User-Password', Value => 'mypwd' },
		       { Name => 'h323-return-code', Value => '0' }, # Cisco AV pair
		       { Name => 'Digest-Attributes', Value => { Method => 'REGISTER' } }
	 );
	 $r->send_packet(ACCESS_REQUEST) and $type = $r->recv_packet();
	 print "server response type = $type
";
	 for $a ($r->get_attributes()) {
	       print "attr: name=$a->{'Name'} value=$a->{'Value'}
";
	 }

DESCRIPTION

       The "Authen::Radius" module provides a simple class that allows you to send/receive Radius requests/responses to/from a Radius server.

CONSTRUCTOR

       new ( Host => HOST, Secret => SECRET [, TimeOut => TIMEOUT] [,Service => SERVICE] [, Debug => Bool] [, LocalAddr => hostname[:port]]
       [,Rfc3579MessageAuth => Bool] [,NodeList= NodeListArrayRef])
	   Creates & returns a blessed reference to a Radius object, or undef on failure.  Error status may be retrieved with
	   "Authen::Radius::get_error" (errorcode) or "Authen::Radius::strerror" (verbose error string).

	   The default "Service" is "radius", the alternative is "radius-acct".  If you do not specify port in the "Host" as a "hostname:port",
	   then port specified in your /etc/services will be used. If there is nothing there, and you did not specify port either then default is
	   1812 for "radius" and 1813 for "radius-acct".

	   Optional parameter "Debug" with a Perl "true" value turns on debugging (verbose mode).

	   Optional parameter "LocalAddr" may contain local IP/host bind address from which RADIUS packets are sent.

	   Optional parameter "Rfc3579MessageAuth" with a Perl "true" value turns on generating of Message-Authenticator for Access-Request
	   (RFC3579, section 3.2).

	   Optional parameter "NodeList" may contain a Perl reference to an array, containing a list of Radius Cluster nodes. Each nodes in the
	   list can be specified using a hostname or IP (with an optional port number), i.e. 'radius1.mytel.com' or 'radius.myhost.com:1812'.
	   Radius Cluster contains a set of Radius servers, at any given moment of time only one server is considered to be "active" (so requests
	   are send to this server).  How the active node is determined? Initially in addition to the "NodeList" parameter you may supply the
	   "Host" parameter and specify which server should become the first active node. If this parameter is absent, or the current active node
	   does not reply anymore, the process of "discovery" will be performed: a request will be sent to all nodes and the consecutive
	   communication continues with the node, which will be the first to reply.

METHODS

       load_dictionary ( [ DICTIONARY ] )
	   Loads the definitions in the specified Radius dictionary file (standard Livingston radiusd format). Tries to load
	   '"/etc/raddb/dictionary"' when no argument is specified, or dies. NOTE: you need to load valid dictionary if you plan to send RADIUS
	   requests with attributes other than just "User-Name"/"Password".

       check_pwd ( USERNAME, PASSWORD [,NASIPADDRESS] )
	   Checks with the RADIUS server if the specified "PASSWORD" is valid for user "USERNAME". Unless "NASIPADDRESS" is specified, the script
	   will attempt to determine it's local IP address (IP address for the RADIUS socket) and this value will be placed in the NAS-IP-Address
	   attribute.  This method is actually a wrapper for subsequent calls to "clear_attributes", "add_attributes", "send_packet" and
	   "recv_packet". It returns 1 if the "PASSWORD" is correct, or undef otherwise.

       add_attributes ( { Name => NAME, Value => VALUE [, Type => TYPE] [, Vendor => VENDOR] }, ... )
	   Adds any number of Radius attributes to the current Radius object. Attributes are specified as a list of anon hashes. They may be
	   "Name"d with their dictionary name (provided a dictionary has been loaded first), or with their raw Radius attribute-type values. The
	   "Type" pair should be specified when adding attributes that are not in the dictionary (or when no dictionary was loaded). Values for
	   "TYPE" can be '"string"', '"integer"', '"ipaddr"' or '"avpair"'.

       get_attributes
	   Returns a list of references to anon hashes with the following key/value pairs : { Name => NAME, Code => RAWTYPE, Value => VALUE,
	   RawValue => RAWVALUE, Vendor => VENDOR }. Each hash represents an attribute in the current object. The "Name" and "Value" pairs will
	   contain values as translated by the dictionary (if one was loaded). The "Code" and "RawValue" pairs always contain the raw attribute
	   type & value as received from the server.  If some attribute doesn't exist in dictionary or type of attribute not specified then
	   corresponding "Value" undefined and "Name" set to attribute ID ("Code" value).

       clear_attributes
	   Clears all attributes for the current object.

       send_packet ( REQUEST_TYPE, RETRANSMIT )
	   Packs up a Radius packet based on the current secret & attributes and sends it to the server with a Request type of "REQUEST_TYPE".
	   Exported "REQUEST_TYPE" methods are '"ACCESS_REQUEST"', '"ACCESS_ACCEPT"' , '"ACCESS_REJECT"', '"ACCOUNTING_REQUEST"',
	   '"ACCOUNTING_RESPONSE"', '"DISCONNECT_REQUEST"' and '"COA_REQUEST"'.  Returns the number of bytes sent, or undef on failure.

	   If the RETRANSMIT parameter is provided and contains a non-zero value, then it is considered that we are re-sending the request, which
	   was already sent previously. In this case the previous value of packet indentifier is used.

       recv_packet ( DETECT_BAD_ID )
	   Receives a Radius reply packet. Returns the Radius Reply type (see possible values for "REQUEST_TYPE" in method "send_packet") or undef
	   on failure. Note that failure may be due to a failed recv() or a bad Radius response authenticator. Use "get_error" to find out.

	   If the DETECT_BAD_ID parameter is supplied and contains a non-zero value, then calculation of the packet indentifier is performed
	   before authenticator check and EBADID error returned in case when packet indentifier from the response doesn't match to the request. If
	   the DETECT_BAD_ID is not provided or contains zero value then EBADAUTH returned in such case.

       get_error
	   Returns the last "ERRORCODE" for the current object. Errorcodes are one-word strings always beginning with an '"E"'.

       strerror ( [ ERRORCODE ] )
	   Returns a verbose error string for the last error for the current object, or for the specified "ERRORCODE".

       error_comment
	   Returns the last error explanation for the current object. Error explanation is generated by system call.

       get_active_node
	   Returns currently active radius node in standard numbers-and-dots notation with port delimited by colon.

AUTHOR

       Carl Declerck <carl@miskatonic.inbe.net> - original design Alexander Kapitanenko <kapitan at portaone.com> and Andrew Zhilenko <andrew at
       portaone.com> - later modifications.

       Andrew Zhilenko <andrew at portaone.com> is the current module's maintaner at CPAN.

perl v5.10.1							    2010-12-24							       Radius(3pm)