On 02/11/11 15:41, Matthew Arguin wrote:
and here is the debug when i test a laptop connecting:
Sigh. This is not the full debug. The full debug starts when radiusd starts up, and dumps the module configs. This is why we never ask people to give their configs - it's in the debug, and is redundant, but if you trim the debug, that's unhelpful.
[gtc] # Executing group from file /etc/raddb/sites-enabled/inner-tunnel [gtc] +- entering group PAP {...} [pap] login attempt with password "r0adkill" [pap] Using CRYPT password "*"
Where is this ^^^ coming from? i.e. "CRYPT password <star>" Something is setting a password somewhere. If it's not the LDAP module, it must be something else. Find it and remove it. If I "diff" the modules that are running when you do your successful PAP and your unsuccessful EAP/GTC inner-tunnel, I see the inner-tunnel has: [unix] returns updated <snip> [control] returns noop What are you updating in the inner-tunnel? You must have: server inner-tunnel { authorize { ... # this isn't here in the "default" unix ... # this isn't here in the "default" update control { ??? what here? } }