Navigation
Authentication methods
Sun, 01/10/2010 - 19:17 — polecat
It seems that CoovaAP (or CoovaChilli) uses CHAP to authenticate against the RADIUS server (NPS on Win2k8).
Can you use other sorts of EAP? Certificates etc?
/Calle
- Login to post comments
Nope, no EAP. Chilli can do
Nope, no EAP. Chilli can do PAP, CHAP, and when using OpenSSL there is also MSCHAPv2. It could do an EAP-MD5 (would be the easiest), but honestly I don't think captive portal security really needs it -- it's not, by any means, "secure wireless". When wanting strong and mutual authentication (whereby the client verifies the server and visa versa) then you want WPA Enterprise/802.1x.
OK, thanks for the
OK, thanks for the answer...
If I would like to use PAP between router/ap <-> RADIUS server (which means that I don't need to have passwords saved non-encrypted in the windows AD), how do I configure that?
Couldn't fint it here...
Right now I've configured my hotspot solution without encryption for the WLAN, but I'm about to use WPA-PSK (initially) and later maybe WPA Enterprise/802.1x.
See the hostspotlogin.cgi
See the hostspotlogin.cgi script... having it use PAP, CHAP, (or even MSCHAPv2) depends on what query parameters you send to the /logon special url.
http://dev.coova.org/svn/coova-chilli/doc/hotspotlogin.cgi
I'm only using the internal
I'm only using the internal hotpsot, not the hotspotlogin.cgi file on an external web server.
Is it possible to use PAP for the internal hotspot? (Right now it uses (as default I guess) CHAP against the RADIUS).
Thanks!
/Calle
Bump! Is there a way to use
Bump!
Is there a way to use PAP for the internal hotspot? (Right now it uses (as default I guess) CHAP against the RADIUS).
(not external web server with hotspotlogin.cgi)
Thanks!
/Calle
David, do you have the
David, do you have the answer?
If you have the time, I really would appreciate it!
Thanks.
/Calle
It's not a feature of the
It's not a feature of the GUI, but is possible in the code. Will keep it in mind when working on beta.9.
Okay, thanks for the answer
Okay, thanks for the answer David! Is it easy to change in the code?
I really would like to have PAP, that uses encrypted passwords in Active Directory, instead of CHAP, that needs passwords saved in clear text.
I'm in a bit of a hurry (rolling out the WLAN really soon), so if I can do it by myself, I would be glad to know how!? :)
Hope for a quick answer.
Thanks for the support!
/Calle
David, did you know how to do
David, did you know how to do this?
I'm in a bit of a hurry, and would really appreciate the help!
Thanks in advance!
/Calle
it'll require a feature to
it'll require a feature to the chilli_response utility (to format the password for pap), but looks like we can do something about this. will keep you posted.
Okay, nice! Keep me
Okay, nice!
Keep me updated!
I hope you'll release the 1.09 final soon. :)
I'm waiting...
/Calle
Keep trying the most
Keep trying the most recents... http://ap.coova.org/1.0-beta.9-test/
thanks for testing!
No problems... But the
No problems...
But the Internal Hotspot with HTTPS still doesn't work til the 1.09test (works in 1.07d, but not in 1.08), and therefore the release right now isn't good enough for me :(
/Calle
grab it and try it
grab it and try it again,
http://ap.coova.org/1.0-beta.9-test/
Just flushed my wrt54gl, and
Just flushed my wrt54gl, and installed latest 1.09beta.
Settings used: internal hotspot, https, pap, non-encrypted WLAN...
Problems: when connecting to wireless network, It won't connect (get no ip etc). Then I checked the Status/Hotspot page in the CoovaAP firmware, and there it says that: coova-chilli is NOT running... When I try to start I get the following error messages:
Starting coova-chilli...
Splitting the wired from wireless
Resetting the network interfaces...
insmod: A module named tun already exists
coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second
And at the botton om the webpage I get this:
coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second coova-chilli[4347]: options.c: 174: could not generate configuration (/tmp/chilli-4347/config.bin), sleeping one second
Please fix this, and post here so I can download an updated TEST version of 1.09beta.
Hopefully you can fix this really quick, I really would like to have this running this week, or even tomorrow :)
Thanks.
/Calle
Bump!I really hope this can
Bump!
I really hope this can be fixed soon... David?
In the previous post: "flushed", should be "flashed".
Thanks in advance!
/Calle
perhaps we make chilli for
perhaps we make chilli for forgiving... checkout the newest from today.
Still problems... (with
Still problems... (with internal hotspot and https (and PAP)).
Coovachilla isn't started from boot (which it should be?!) and when I try to start it in status/hotspot I recieve:
Starting coova-chilli...
Splitting the wired from wireless
Resetting the network interfaces...
insmod: A module named tun already exists
And at the bottom of the page:
coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second
In the syslog I get:
Feb 3 16:12:41 XXXX kern.warn coova-chilli[994]: options.c: 174: could not generate configuration (/tmp/chilli-994/config.bin), sleeping one second
Feb 3 16:12:43 XXXX kern.err syslog: main-opt.c: 327: Could not resolve IP address of uamserver: https://coova.ap.coova.org/www/login.chi!
Feb 3 16:12:43 XXXX kern.warn coova-chilli[3043]: options.c: 174: could not generate configuration (/tmp/chilli-3043/config.bin), sleeping one second
Feb 3 16:12:43 XXXX kern.err syslog: main-opt.c: 327: Could not resolve IP address of uamserver: https://coova.ap.coova.org/www/login.chi!
Feb 3 16:12:43 XXXX kern.warn coova-chilli[4432]: options.c: 174: could not generate configuration (/tmp/chilli-4432/config.bin), sleeping one second
Feb 3 16:12:43 XXXX kern.err syslog: main-opt.c: 327: Could not resolve IP address of uamserver: https://coova.ap.coova.org/www/login.chi!
Feb 3 16:12:43 XXXX kern.warn coova-chilli[994]: options.c: 174: could not generate configuration (/tmp/chilli-994/config.bin), sleeping one second
Feb 3 16:12:43 XXXX kern.err syslog: main-opt.c: 327: Could not resolve IP address of uamserver: https://coova.ap.coova.org/www/login.chi!
Feb 3 16:12:43 XXXX kern.warn coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second
Feb 3 16:12:54 XXXX kern.err syslog: main-opt.c: 327: Could not resolve IP address of uamserver: https://coova.ap.coova.org/www/login.chi!
Feb 3 16:12:54 XXXX kern.warn coova-chilli[3043]: options.c: 174: could not generate configuration (/tmp/chilli-3043/config.bin), sleeping one second
Feb 3 16:12:54 XXXX kern.err syslog: main-opt.c: 327: Could not resolve IP address of uamserver: https://coova.ap.coova.org/www/login.chi!
Feb 3 16:12:54 XXXX kern.warn coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second
Feb 3 16:12:54 XXXX kern.err syslog: main-opt.c: 327: Could not resolve IP address of uamserver: https://coova.ap.coova.org/www/login.chi!
Feb 3 16:12:54 XXXX kern.err syslog: main-opt.c: 327: Could not resolve IP address of uamserver: https://coova.ap.coova.org/www/login.chi!
Feb 3 16:12:54 XXXX kern.warn coova-chilli[994]: options.c: 174: could not generate configuration (/tmp/chilli-994/config.bin), sleeping one second
Feb 3 16:12:54 XXXX kern.warn coova-chilli[4432]: options.c: 174: could not generate configuration (/tmp/chilli-4432/config.bin), sleeping one second
Feb 3 16:12:55 XXXX kern.err syslog: main-opt.c: 327: Could not resolve IP address of uamserver: https://coova.ap.coova.org/www/login.chi!
Feb 3 16:12:55 XXXX kern.warn coova-chilli[994]: options.c: 174: could not generate configuration (/tmp/chilli-994/config.bin), sleeping one second
Feb 3 16:12:55 XXXX kern.err syslog: main-opt.c: 327: Could not resolve IP address of uamserver: https://coova.ap.coova.org/www/login.chi!
Feb 3 16:12:55 XXXX kern.warn coova-chilli[3043]: options.c: 174: could not generate configuration (/tmp/chilli-3043/config.bin), sleeping one second
Feb 3 16:12:55 XXXX kern.err syslog: main-opt.c: 327: Could not resolve IP address of uamserver: https://coova.ap.coova.org/www/login.chi!
Feb 3 16:12:55 XXXX kern.warn coova-chilli[4432]: options.c: 174: could not generate configuration (/tmp/chilli-4432/config.bin), sleeping one second
Feb 3 16:12:55 XXXX kern.err syslog: main-opt.c: 327: Could not resolve IP address of uamserver: https://coova.ap.coova.org/www/login.chi!
Feb 3 16:12:55 XXXX kern.warn coova-chilli[5447]: options.c: 174: could not generate configuration (/tmp/chilli-5447/config.bin), sleeping one second
I don't know what have happened since the 1.07d version, but it isn't working... I need: Internal Hotspot, HTTPS and PAP-auth this weekend.
Thanks in advance.
Calle
Testing with the latest firmware
Hi David,
I'm testing with the .09 downloaded a few minutes back and I'm getting the exact same error as Cale.
Sorry for the delay, a fix
Sorry for the delay, a fix was uploaded here