Thanks for everyone's help. I have it working nicely now, but have one more situation I just started testing.
I want to use the same radius servers to authenticate users on a different wireless network though a captive portal to the same eDirectory servers via LDAP.
In order for the captive portal authentication to work, I had to put LDAP back in the authorize section, which breaks all the work I just did to reduce the calls to the eDirectory servers for my other network that uses 802.1X.
Is there a way around this to have both working at the same time?
Thanks,
Nathan
Nathan P. Hay
Network Engineer
Computer Services
Cedarville University
www.cedarville.edu >>> <A.L.M.Buxey@lboro.ac.uk> 11/13/2007 5:36 AM >>>
Hi,
> Do I then remove ldap from the authorize section so that it doesn't call
> it every packet? I did a bunch of testing and it seems that I have to
> do that to reduce the number of calls to our eDirectory servers.
yes - only call it from the INNER check. otherwise you are in exactly
the same situation
alan
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html