Sorry I sent by mistake the earlier message, Thank Ivan now is working using that mapping in ldap.attrmap with both PEAP and TTLS. Now my question is: is radiusPassword send over network encrypted? thanks in advance!
Just map radiusPassword to Cleartext-Password and peap will ignore the encrypted userPassword and use Cleartext-Password. So, no extra virtual servers needed. In your ldap.attrmap it's mapped to clrtxtPassword.
ldap.attrmap checkItem $GENERIC$ radiusCheckItem replyItem $GENERIC$ radiusReplyItem checkItem Cleartext-Password clrtxtPassword checkItem User-Password userPassword
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-- -- Open Kairos http://www.openkairos.com Watch More TV http://sebelk.blogspot.com Sergio Belkin -