Re: eap/peap-mschap-v2 users file and check items
Sascha Lucas <slu@dmc.de> wrote:
> The users file for working peap-mschap-v2 looks this way:
>
> test Auth-Type := EAP, User-Password == "abc123"
No, it doesn't. If you did that, you didn't read the documentation.
Don't set Auth-Type. It's NOT necesary.
And use := for User-Password, not ==.
> And I want it also to check for NAS-IP and NAS-Port. Doing local tests (non
> eap with radiusclient) this line works:
>
> test Auth-Type := Local, User-Password == "abc123", NAS-IP-Address ==
> 10.41.10.252, NAS-Port == 20
Once again, the same comments apply.
> it dosn't work. The output of radiusd -X is at the end of this mail.
It doesn't work because of the previous comments.
What you've done in your configuration is to force EAP-MSCHAP-v2 to
work, and then force clear-text passwords to work. By doing that,
you've forced all OTHER authentication methods to not work. Then, you
tested with PEAP, and it didn't work....
Alan DeKok.
This archive was generated by a fusion of
Pipermail (Mailman edition) and
MHonArc.