Re: freeradius-proxy + PAP works, PEAP and the rest doesn´t
Alan DeKok
aland at deployingradius.com
Sun Jul 6 09:17:16 CEST 2008
uni at christiankraus.de wrote:
> What is not working:
>
> - Login through Web Redirect homepage + PAP + external servers
See the FAQ for "it doesn't work".
And if the home server is returning an Access-Reject, don't bother
posting the debug output from FreeRADIUS. Fix the home server so that
it doesn't reject requests from FreeRADIUS. NOTHING ELSE WILL WORK.
> - PAP through IAS/RADIUS to external servers was working
> - PAP through the FreeRADIUS server to external servers isn´t working
>
> So, how to fix this?
Use Wireshark to look at the packets proxied by IAS, and then by
FreeRADIUS. See what the differences are.
RADIUS isn't magic. If the packets are identical (or nearly so), then
the home server will treat them the same.
If the packets are pretty much the same, then the home server is
rejecting the FreeRADIUS proxy based on it's IP address.
And I fail to understand why this is a FreeRADIUS problem. As said
repeatedly, the HOME SERVER is rejecting the user. Look at the logs on
the HOME SERVER to figure out why it's behaving this way.
You're trying to debug the home server by looking at FreeRADIUS. This
is useless, and a waste of time. You need to be convinced of this fact,
as (so far) it seems that you're still trying to "fix" FreeRADIUS.
Alan DeKok.
More information about the Freeradius-Users
mailing list