Hi, (snipp)
modcall[authorize]: module "files" returns ok for request 0 modcall: group authorize returns updated for request 0 rad_check_password: Found Auth-Type LDAP auth: type "LDAP" Processing the authenticate section of radiusd.conf modcall: entering group Auth-Type for request 0 rlm_ldap: - authenticate rlm_ldap: Attribute "User-Password" is required for authentication. (snipp) Any ideas where I might go wrong?
I guess you're telling the RADIUS server to _always_ do LDAP, even if it's the "outer" protocol where "EAP-TTLS" is needed, not only for the "inner" protocol which is using PAP. Look into the mailing list archives for "FreeRadius-Proxied-To" (or something similar) on how to tell apart packets of "outer" and "inner" protocol and set the Auth-Type only for the "inner" one. Hope this isn't to cryptic and does help, Stefan