Problem with EAP-PEAP and freeradius3
Alan DeKok
aland at deployingradius.com
Tue Mar 10 14:53:21 CET 2015
On Mar 10, 2015, at 8:51 AM, Angel L. Mateo <amateo at um.es> wrote:
> In the inner tunnel I have:
> server eduroam-inner-tunnel {
> authorize {
> preprocess
> suffix
> eap
> files_eduroam_inner
> mschap
> Autz-Type LDAP-MSCHAP {
> ldap-email
> }
> pap
> }
Which means you find the password in LDAP *after* the PAP module tries to normalize it. Don’t do that. The PAP module should be listed after the module which retrieves the password:
...
Autz-Type LDAP-MSCHAP {
ldap-email
pap
}
pap
}
Alan DeKok.
More information about the Freeradius-Users
mailing list