On Dec 31, 2018, at 9:56 AM, Anton Kiryushkin <swood@fotofor.biz> wrote:
As I understand I need two sites for authorizing clients via wifi and ethernet.
What's a "site" ? Please use *standard* words for things.
I made a different site, and I wrote a rule to redirect users. But. When I'm checking this solution I can't understand why freeradius expecting Cleartext-Password instead MD5-password (Please see log below):
Because you configured multiple passwords for the user.
(9) pap: WARNING: Config already contains a "known good" password (&control:Cleartext-Password). Ignoring &config:Password-With-Header (9) pap: Normalizing MD5-Password from base64 encoding, 24 bytes -> 16 bytes
You've configured the user with: Cleartext-Password Password-With-Header MD5-Password Why? It's your configuration. You should know what you've configured. None of that is in the default config.
(9) [pap] = updated (9) } # authorize = updated (9) Found Auth-Type = PAP (9) # Executing group from file /etc/raddb/sites-enabled/inner-tunnel (9) Auth-Type PAP { (9) pap: Login attempt with password (9) pap: Comparing with "known good" Cleartext-Password (9) pap: ERROR: Cleartext password does not match "known good" password (9) pap: Passwords don't match
Which seems to be clear. Alan DeKok.