Unknown username and password matching

Dan Strong danstrong_01 at hotmail.co.uk
Thu Apr 11 20:40:10 CEST 2019


I'm wondering if anyone could give me a config example on this? Feel like I'm going round in circles and not sure if what I'm asking is possible? Below is what I originally had:

DEFAULT Auth-Type = Accept
                 Tunnel-Private-Group-ID = "100",
                 Cisco-AVPair = "psk=testcisco1"

DEFAULT Auth-Type = Accept
                 Tunnel-Private-Group-ID = "101",
                 Cisco-AVPair = "psk=testcisco2"

I know the first entry will be matched, which is why its only dropping me on to vlan 100 with testcisco1 only validating.

So below I've got the following:

In dictionary I set an attribute as a string called: Cisco-Wireless-PSK

Then I have key in the files set as:

key = %{Cisco-Wireless-PSK]" }

I have then written the below, BUT I've no idea which file or where this should be placed...

foreach (Cisco-AVPair) {
      if %{Foreach-Variable-0} =~ /^psk=testcisco[0-9](.+)$/) {
        update control {
          Cisco-Wireless-PSK := "%{1}"
        }
      }
    }

Then finally I should have this:

testcisco1   Auth-Type = Accept
                    Tunnel-Private-Group-ID = "100",
                    Cisco-AVPair = "psk=testcisco1"

testcisco2  Auth-Type = Accept
                   Tunnel-Private-Group-ID = "101",
                   Cisco-AVPair = "psk=testcisco2"


Feel free to tell me this is all wrong!







Many thanks



More information about the Freeradius-Users mailing list