Is it possible to specify which authorization mode is being used?

Wed Aug 5 10:48:51 CEST 2020

Hi everyone,

I am brand new to FreeRadius so please excuse me for what could be a simple
question with a simple answer.

Is it possible to specify which authentication mode and tunnel type are
being used? If yes, what files do I need to modify in order to do this? I
have tried reading the documentation and looking through some of the config
files, but as a complete beginner at this, I'm not sure if I'm even looking
in the right places.

Background: I work with software testing for reMarkable (we create an E ink
tablet based on Linux), and we want to conduct more specified testing on
WPA Enterprise (802.1X over Wi-Fi). At the moment we have done testing on
our network gear which consists of Ubiquiti Unifi which only implements
eap_peap with MSCHAPv2. While this is probably used for many companies all
over the world, we would like to test other kinds of authentication and
tunnel types, thus I started setting up FreeRadius on a Raspberry Pi 4,
running Ubuntu 19.10 for IoT devices.

Our tablet runs a flavor of Linux, using wpa_supplicant and should (in
theory) be able to connect to most kinds of network. However, we know that
certificate-based networks won't work at the moment due to not having a way
to import licenses. However, I do believe there are other types of networks
not needing certificates, and these are the ones we'd like to test.

I got FreeRadius up and running, but for every connection attempt, I can
see from the output with "freeradius -X" that eap_peap and MSCHAPv2 are
used. I want to be able to set specific (valid) values so that our company
can implement and properly test the different variations of auth modes and
tunnels.

I have also attached the (entire) output from 'freeradius -X'.

If I miss any details or lack some information in my above text, please let
me know, and I'll make sure to clarify/elaborate.
Forhåndsvis vedlegget freeradius -x.txt
freeradius -x.txt
85 KB
<https://mail.google.com/mail/u/0?ui=2&ik=beb323e764&attid=0.1&permmsgid=msg-a:r4106961669240942744&th=17211f3c16425f46&view=att&disp=safe&realattid=f_ka5clo290>
-- 

*Kristian Faller*

QA Engineer

kristian.faller at remarkable.com

+47 908 06 444 <+4790806444>

Biermanns gate 6, 0473 Oslo, Norway <https://goo.gl/maps/YU24JR1ZYQM2>

remarkable.com

[image: cid:85D31282-3FFB-4F74-B5D9-6CB7ED4003E7]

The privileged confidential information contained in this email is intended
for use only by the addressees as indicated by the original sender of this
email. If you are not the addressee indicated in this email or are not
responsible for delivery of the email to such a person, please kindly reply
to the sender indicating this fact and delete all copies of it from your
computer and network server immediately. Your cooperation is highly
appreciated. It is advised that any unauthorized use of confidential
information of REMARKABLE AS is strictly prohibited.