Home arrow Guide sul Wireless arrow Wireless LAN e tecniche di autenticazione 802.1x
Notizie flash
AirLive, one of the most advanced and worldwide brands for networking and communication equipments, introduced a brand new product – the AirLive WL-1600USB – a High Power 802.11g USB adapter that pushes the boundaries of Wireless home networking beyond its limit. AirLive WL-1600USB is designed to offers a long distance wireless coverage.  With a minimum transmission power of 20 dBm, AirLive WL-1600USB allows users to transfer data wirelessly over a larger distance that cannot be done with a regular wireless USB adapter
 
Menu principale
Home
Forum sul Wireless
Iscrizione Newsletter
Rimozione Newsletter
Wireless nei Comuni
Contributi Audio sul W.
FAQ sul Wireless
Sicurezza Wireless
Guide sul Wireless
Recensioni Hardware
Web Links
Sperimentazioni
News Generiche
Wireless Business
Hardware Wireless
Software per Wireless
Eventi e Manifestazioni
Normativa Wireless
Computers e Wireless
Sistemi Bluetooth
Comunicazioni dal sito
Glossario sul Wireless
Dicono di Noi
Press Kit
Audio Guestbook
Add to: Mr. Wong Add to: Webnews Add to: Icio Add to: Oneview Add to: Yigg Add to: Linkarena Add to: Digg Add to: Del.icoi.us Add to: Reddit Add to: Simpy Add to: StumbleUpon Add to: Slashdot Add to: Netscape Add to: Furl Add to: Yahoo Add to: Blogmarks Add to: Diigo Add to: Technorati Add to: Newsvine Add to: Blinkbits Add to: Ma.Gnolia Add to: Smarking Add to: Netvouz Add to: Folkd Add to: Spurl Add to: Google Add to: Blinklist Information
Social Bookmarking
Podcast

Wireless LAN e tecniche di autenticazione 802.1x Stampa E-mail
Indice articolo
Wireless LAN e tecniche di autenticazione 802.1x
Pagina 2
Pagina 3
Pagina 4
Pagina 5
Pagina 6
Pagina 7
Pagina 8
Pagina 9
Pagina 10
Pagina 11
Pagina 12
Pagina 7 di 12
I moduli inseriti in questa sezione elenca quali moduli sono disponibili per l'autenticazione ma vengono caricati solo quando presenti nella sezione authorize.

 

Adesso e' necessario scegliere uno schema di autenticazione EAP: scegliamo LEAP per comodita' in quanto l'AP utilizzato per i test e' cisco e l'implementazione dello schema e' tra le piu' semplici nel panorama EAP. possiamo configurare quindi il file eap.conf 

eap {

        default_eap_type = leap



        timer_expire     = 60 

	 leap { ... }

	 }

 

Ora il server FreeRadius e' configurato e funzionante: possiamo verificarlo lanciando il serve in modalita' super-debug con il comando radiusd -X ed utilizzando l'utility radtest inserendo i dati di un utente con account registrato sul database LDAP.

    lato client: 

    	 radtest cammani cammano localhost:1812 0 testing123 
	
    	 Sending Access-Request of id 44 to 127.0.0.1:1812
    
	        User-Name = "cammani"
    
	        User-Password = "cammano"
    
	        NAS-IP-Address = gustavino
    
	        NAS-Port = 0

     

    lato server: 

    	rad_recv: Access-Request packet from host 127.0.0.1:32769, id=44, length=59
    
	        User-Name = "cammani"
    
	        User-Password = "cammano"
    
	        NAS-IP-Address = 255.255.255.255
    
	        NAS-Port = 0
    
	Processing the authorize section of radiusd.conf
    
	modcall: entering group authorize for request 0
    
	modcall[authorize]: module "preprocess" returns ok for request 0
    
	users: Matched DEFAULT at 155
    
	modcall[authorize]: module "files" returns ok for request 0
    
	rlm_ldap: - authorize
    
	rlm_ldap: performing user authorization for cammani
    
	radius_xlat:  '(uid=cammani)'
    
	radius_xlat:  'dc=fis,dc=unipr,dc=it'
    
	rlm_ldap: ldap_get_conn: Checking Id: 0
    
	rlm_ldap: ldap_get_conn: Got Id: 0
    
	rlm_ldap: attempting LDAP reconnection
    
	rlm_ldap: (re)connect to ldap.fis.unipr.it:389, authentication 0
    
	rlm_ldap: bind as / to ldap.fis.unipr.it:389
    
	rlm_ldap: waiting for bind result ...
    
	rlm_ldap: Bind was successful
    
	rlm_ldap: performing search in dc=fis,dc=unipr,dc=it, with filter
    
	(uid=cammani)
    
	rlm_ldap: looking for check items in directory...
    
	rlm_ldap: looking for reply items in directory...
    
	rlm_ldap: user cammani authorized to use remote access
    
	rlm_ldap: ldap_release_conn: Release Id: 0
    
	modcall[authorize]: module "ldap" returns ok for request 0
    
	modcall: group authorize returns ok for request 0
    
	rad_check_password:  Found Auth-Type LDAP
    
	auth: type "LDAP"
    
	Processing the authenticate section of radiusd.conf
    
	modcall: entering group Auth-Type for request 0
    
	rlm_ldap: - authenticate
    
	rlm_ldap: login attempt by "cammani" with password "cammano"
    
	rlm_ldap: user DN: uid=cammani,ou=Users,ou=Staff,dc=fis,dc=unipr,dc=it
    
	rlm_ldap: (re)connect to ldap.fis.unipr.it:389, authentication 1
    
	rlm_ldap: bind as uid=cammani,ou=Users,ou=Staff,dc=fis,dc=
    
	unipr,dc=
    
	it/cammano to ldap.fis.unipr.it:389
    
	rlm_ldap: waiting for bind result ...
    
	rlm_ldap: Bind was successful
    
	rlm_ldap: user cammani authenticated succesfully
    
	  modcall[authenticate]: module "ldap" returns ok for request 0
    
	modcall: group Auth-Type returns ok for request 0
    
	Sending Access-Accept of id 44 to 127.0.0.1:32769
    
	Finished request 0
    
	Going to the next request
    
	--- Walking the entire request list ---
    
	Waking up in 6 seconds...
    
	--- Walking the entire request list ---
    
	Cleaning up request 0 ID 44 with timestamp 42a95cc1
    
	Nothing to do.  Sleeping until we see a request.

     

    lato client: 

    	rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=44, length=20

     

Il server radius e' quindi correttamente settato e interfacciato al database LDAP.
 
< Articolo Precedente   Prossimo Articolo >
[Indietro]



Visita anche www.savoldi.com