20 Dec
2005
20 Dec
'05
9:29 p.m.
It seems that rlm_mschap do not include Cisco-AVPair = "ssid=is_client" in its auth request
How can I solve this situation?
You haven't put enough of the debug log to be certain, but that sounds like a reasonable supposition:
try:
eap { peap { copy_request_to_tunnel = yes # other things here } }
PEAP (and in fact TTLS) make a "fake" Radius request from the inner auth (e.g. MSCHAP) proxied to 127.0.0.1. That request by default only has a small number of AVPs. The copy_request_to_tunnel tells FreeRadius to copy the AVPs from the original to the new request.
thanx, it helps.