On Fri, Mar 25, 2011 at 10:12 AM, <John.Hayward@wheaton.edu> wrote:
Free Radius Fans,
First - thanks to the people who contribute to this product!
Our environment - Wireless 802.1x, Novell NDSLdap to lookup passwords or mysql, Peap with mschapv2.
I observe when a client successfully authenticates to the radius server there are two "Auth: Login OK:" messages - one with a via TLS tunnel and one without. In looking at the eap messages (ID 9 or 10) it appears that the inner tunnel return a success but the outer sends another request.
I believe there's also another (possibly related) bug: I disabled eap completely (comment-out the line "$INCLUDE eap.conf" on radiusd.conf, removed sites-enabled/inner-tunnel, and removed all reference to "eap" on sites-available/default and my virtual server), yet with a simple "radtest" radius.log shows this: Fri Mar 25 10:42:08 2011 : Auth: Login OK: [xxxx@myrealm] (from client localhost port 0 via TLS tunnel) Fri Mar 25 10:42:08 2011 : Auth: Login OK: [xxxx@myrealm] (from client localhost port 0) So far it's only annoying, so I just ignore it. -- Fajar