Freeradius + LDAP + EAP-TTLS with PAP cannot login

Alan DeKok aland at deployingradius.com
Wed Jul 4 11:51:12 CEST 2007


Andreas Wetzel wrote:
> Did anybody notice, that hostapd *always* sends a NAS-Port with a value of 0
> for *any* connected station? This happens for me with the hostapd 0.4.8
> included with FreeBSD 6.2, as well as with hostapd 0.5.8. And it is presumably
> the reason, why I cannot seem to get radwho to function properly. The radutmp
> module seems to use a combination of NAS-Identifier and NAS-Port to
> differentiate it's records. When station-B associates to the AP, the radutmp
> record for station-A gets overwritten :-(

  Many AP's do something similar.  Since the connection between the end
host and the AP is wireless, there's no physical port for them to
connect to.  So there's no physical port to report to the RADIUS server.

  The solution on the RADIUS server is to have a "utmp" file with a
configurable key.  In this case, you would use the client MAC address.

  However, doing that involves re-writing the radutmp module.  It also
needs to be re-written to support IPv6, too.

  Alan DeKok.



More information about the Freeradius-Users mailing list