<html><body><div style="color:#000; background-color:#fff; font-family:arial, helvetica, sans-serif;font-size:14pt"><div>Thanks for your answer; I've been testing FreerRadius authentication against Active Directory with Microsoft RRAS setting FreeRadius as the RADIUS server for it and the authentication worked and as for the next step I'll go on configuring my Fortigate firewall to use FreeRadius as a RADIUS server; I'll send the output from radiusd -X for you.</div><div>By the way, right now I'm testing something else called ZeroShell which as well is using FreeRadius (config files at /etc/raddv.v2). It has a nice web interface and includes the accounting feature I'm looking for. Anyone knows how to get it integrated with Active Directory?</div><div></div><div> </div><div><br><br></div><div>-----------------------<br>Regards, Alireza<br> <blockquote style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; margin-top: 5px; padding-left:
5px;"> <div style="font-family: arial, helvetica, sans-serif; font-size: 14pt;"> <div style="font-family: 'times new roman', 'new york', times, serif; font-size: 12pt;"> <div dir="ltr"> <font size="2" face="Arial"> <hr size="1"> <b><span style="font-weight:bold;">From:</span></b> "A.L.M.Buxey@lboro.ac.uk" <A.L.M.Buxey@lboro.ac.uk><br> <b><span style="font-weight: bold;">To:</span></b> FreeRadius users mailing list <freeradius-users@lists.freeradius.org> <br> <b><span style="font-weight: bold;">Sent:</span></b> Friday, January 25, 2013 2:40 PM<br> <b><span style="font-weight: bold;">Subject:</span></b> Re: Quick question about RFC 3579 2.6.5<br> </font> </div> <br>
Hi,<br><br>> Well, RFC 3579 2.6.5 says : If EAP-Message, then there MUST not be a<br>> Reply-Message. I understand the point on this based on the RFC.<br><br>check RFC 5080 - which updates that RFC. however, your reply message is<br>not going on as part of the EAP conversation....you are sending the reply<br>message to the outer-tunnel as part of the reject...no within the inner-tunnel<br>EAP session...so there shouldnt be any EAP message around (but hey, who knows? ! ;-) )<br><br>just run in debug mode (radiusd -X) and check/see what packets and contents <br>you are sending <br> <br><br>dont worry too much - some RADIUS servers break all the specs with regards to<br>contents of some packets...at least FreeRADIUS gives you the chance to behave<br>( I assume you are running the attr filter on access requests to keep the contents<br>legal? ;-) )<br><br>alan <br>-<br>List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html<br><br><br> </div> </div> </blockquote> </div></div></body></html>