[Freeipa-users] freeipa radius cisco
John Dennis
jdennis at redhat.com
Wed Jan 16 17:13:57 UTC 2013
On 01/16/2013 11:44 AM, Han Boetes wrote:
> This might be somewhat off-topic but I'll ask anyway.
>
> First my questions:
>
> How do I get the cisco device -- a 3750 with the latest software image
> -- to use EAP-TTLS and what am I missing for the rest.
Sorry, I can't help you with cisco configuration, maybe others can. But
I can help with FreeRADIUS.
> # Executing group from file /etc/raddb//sites-enabled/default
> +- entering group Kerberos {...}
> rlm_krb5: [hb] krb5_sname_to_principal failed: Hostname cannot be
It's failing because it's finding a bogus value for the service
principal. This is configured in /etc/raddb/modules/krb5, by default it's
krb5 {
keytab = /path/to/keytab
service_principal = name_of_principle
}
How did you configure these?
--
John Dennis <jdennis at redhat.com>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-users
mailing list