Problems with EAP and LDAP replyItems (2.0.2)
Ivan Kalik
tnt at kalik.net
Wed Aug 20 10:18:57 CEST 2008
radiusCallingStationId is already mapped as Calling-Sattion-Id. Use
another ldap attribute name for this.
Ivan Kalik
Kalik Informatika ISP
Dana 20/8/2008, "tschaos at gmx.net" <tschaos at gmx.net> piše:
>-------- Original-Message --------
>> Datum: Tue, 19 Aug 2008 17:37:34 +0200
>> Von: tschaos at gmx.net
>> An: freeradius-users at lists.freeradius.org
>> Betreff: Problems with EAP and LDAP replyItems (2.0.2)
>
>> Hi Guys,
>>
>> Since freeradius2 has some major improvements I try to upgrade from 1.1.4.
>> Unfortunately there are a few problems i encounter:
>>
>> cause of some weird reason the server isn't sending back my LDAP
>> replyItems back to the NAS along the Access-Accept packet.
>>
>> In short i want to authenticate using EAP/PEAP against the server, which
>> itself checks against our LDAP Server. Additionally the server should also
>> send back a specific replyItem stored in our LDAP.
>>
>> configuration looks like:
>>
>> authorize {
>> preprocess
>> eap {
>> ok = return
>> }
>>
>> ldap1
>> }
>>
>>
>> authenticate {
>> Auth-Type MS-CHAP {
>> mschap
>> }
>> eap
>> }
>>
>> in ldap.attrmap the following is configured:
>>
>> replyItem Airespace-Interface-Name radiusCallingStationId
>>
>> so LDAP-Attribute radiusCallingStationId should be transformed to an
>> attribute called "Airespace-Interface-Name" and sent back to the NAS.
>>
>> As you can see in the following debug-output, at the beginning the server
>> sends the attribute back as supposed, but for some weird reason in the
>> access-accept packet the attribute isnt sent along.
>>
>> whats wrong here?
>>
>> Thanks in advance!
>>
>> debug-output: [cutted]
>
>Noone has any clue, why this doesnt work? I really wanted to deploy the server tonight.
>
>Any help is welcome!
>
>thanks,
>Peter
>--
>Psssst! Schon das coole Video vom GMX MultiMessenger gesehen?
>Der Eine für Alle: http://www.gmx.net/de/go/messenger03
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
More information about the Freeradius-Users
mailing list