PEAP/MSCHAPv2 - Host Account Authentication Only

alan buxey A.L.M.Buxey at
Thu Apr 26 00:58:06 CEST 2012


Matthew, I would say the check is a little sparse....and assumes
nothing else is in play...such as realms/proxying.... for what if
my username was

host\user at

its quite likely that this user would get proxied back to their
home site.....hence better to ensure the regex pattern is a bit tighter.

ah, joys of policies.

oh. actually, yes, you should ignore that i said add it to authorize..
what you SHOULD do is add the check to policy.conf and then call that
policy name in authorize.  ah, thats better, can sleep now! ;-)


More information about the Freeradius-Users mailing list