EAP - Anonymous - Proxying

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Sun Sep 6 14:24:15 CEST 2015


Hi,

> ====== conf file used by eapol_test
> network={
>         ssid="example"
>         key_mgmt=WPA-EAP
>         eap=TTLS
>         identity="prova2 at euclidebari.it"
>         anonymous_identity="mickymouse"
>         password="prova2a"
>         phase2="auth=PAP"
> }

theres your problem - anonymous_identity="mickymouse"  - theres no realm!

that should be either

anonymous_identity="mickymouse at euclidebari.it"
or 
anonymous_identity="@euclidebari.it"


the anonymous identity will still have the correct realm in it or nothing
would work.  in most OS's, the anonymous identity automatically inherits the
inner id realm... however, the inner ID can be realm-less with only the outer
ID containing the realm eg

network={
        ssid="eduroam"
        key_mgmt=WPA-EAP
        eap=TTLS
        identity="prova2"
        anonymous_identity="mickymouse at euclidebari.it"
        password="prova2a"
        phase2="auth=PAP"
}


now try.....

PS if starting a new install, dont even bother with 2.x - go straight to 3.x and start with
that - otherwise you'll have to be migrating 2.x to 3.x within the year anyway....


alan


More information about the Freeradius-Users mailing list