Upgrade to latest freeradius release

pcsd pcsd at canoemail.com
Mon May 11 21:55:45 CEST 2009


Thanks Ivan.
The ntdomain_hack was already in place.
I have provided some of the config files.


--- modules/mschap ---
mschap {
        with_ntdomain_hack = yes
}
------
--- proxy.conf ---
realm DUSAMBA1 {
        type = radius
        authhost = LOCAL
        authtype = LOCAL
#       ignore_null =yes
        strip
}
realm LOCAL {
        #  If we do not specify a server pool, the realm is LOCAL, and
        #  requests are not proxied to it.
}
------
--- eap.conf ---
        eap {
                default_eap_type = peap
                timer_expire     = 60
                ignore_unknown_eap_types = no
                cisco_accounting_username_bug = no
                max_sessions = 2048
                md5 {
                }
                leap {
                }
                gtc {
                        auth_type = PAP
                }
                tls {
                        certdir = ${confdir}/certs
                        cadir = ${confdir}/certs
                        private_key_password = pass123
                        private_key_file = ${certdir}/server.pem
                        certificate_file = ${certdir}/server.pem
                        CA_file = ${cadir}/ca.pem
                        dh_file = ${certdir}/dh
                        random_file = ${certdir}/random
                        cipher_list = "DEFAULT"
                        cache {
                               enable = no
                              lifetime = 24 # hours
                              max_entries = 255
                        }
                }
                ttls {
                        default_eap_type = md5
                        copy_request_to_tunnel = no
                        use_tunneled_reply = no
                        virtual_server = "inner-tunnel"
                }
                peap {
                        default_eap_type = mschapv2
                        copy_request_to_tunnel = no
                        use_tunneled_reply = no
                        virtual_server = "inner-tunnel"
                }
                mschapv2 {
                }
        }
------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090511/9445cd23/attachment.html>


More information about the Freeradius-Users mailing list