Erico Augusto wrote:
Hi,
I'm using EAP-TTLS to supplicant authentication.
to authenticate the users at freeradius, I'm using users file to match user's password: .... user User-Password == "test" Reply-Message = "success"
No. Do NOT match the users password. Instead, tell the server what the correct password is, and it will figure out what to do. user Cleartext-Password := "test" ...
Is there a way, using DEFAULT, for example, to return success to all users without the necessity to match the User-Password(bypass freeradius authentication). What I'm trying to do is authenticate users just at post-auth. I'm using some examples from doc directory, but without success...
You can't authenticate users at post-auth. And if you're using EAP, you can't just return "success", because part of EAP involves validating the password. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog