captive portal auth with freeradius
chitrang.srivastava at gmail.com
Fri Apr 19 17:29:57 CEST 2013
I am using Microsoft 2003 Active Directory Server , the way wifi (MSCHAPv2)
works is with ntlm_auth , which does the authentication.
- your LDAP module isn't setting Auth-Type for some reason
This is happening because of
and if I do the way its suggested , Auth Type get set to ldap_secondary.
If this works, how this is going to solved because what I saw that it
still doesn't do mschapv2.
The way it works with wifi or radtest is , Auth-Type is set to EAP (it
refers to eap.conf ) , it goes to mschap modules(set up TLS channel and
then under that) , from there its told to use external program ntlm_auth ,
which does the authentication and tells radius if its OK or not.
What i was trying , is to get similar way working with captive portal as
On Fri, Apr 19, 2013 at 7:29 PM, Matthew Newton <mcn4 at leicester.ac.uk>wrote:
> On Fri, Apr 19, 2013 at 06:15:09PM +0530, Chitrang Srivastava wrote:
> > tried what Matthew suggest , in authorize section and it worked. Whole
> > issue is captive portal is sending a non-EAP message with User-Password
> > , in this case we have to set auth type as ldap.
> It's obvious from your debug output that
> - your LDAP module isn't setting Auth-Type for some reason
> - your LDAP server isn't returning any sort of password (plain or
> and therefore you probably need to try and do that horrible hack
> of binding to the LDAP server to auth. Really, Alan is right -
> LDAP is not an authentication server, even though lots of people
> seem to think it is.
> Hence the suggestion to "fix" your problem by setting Auth-Type,
> iff it has not already been set, when not doing EAP and
> User-Password is supplied.
> The best solution is to fixup your LDAP server to return the
> crypted password back to FreeRADIUS. Like already pointed out, if
> it's AD, this isn't likely to happen.
> Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
> Systems Specialist, Infrastructure Services,
> I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
> For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
> List info/subscribe/unsubscribe? See
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Freeradius-Users