On Aug 23, 2019, at 9:37 AM, Linux Threads <linuxthreads@gmail.com> wrote:
please can you guide me how to handoff my wifi auth username and password to FR outer-el via PAP and then pass the username and password to linotp perl script via the inner-tunnel
Follow my guide to get 802.1X / EAP working: http://deployingradius.com Then, use "radclient" to test PAP passwords with the "inner-tunnel" virtual server. See the comments at the top of the "inner-tunnel" virtual server for more information. Do NOT try to test OTP + WiFi together. Make sure that WiFi works. Then independently, make sure that OTP works. Only when both work independently should you try WiFi + OTP. And be aware that WiFi is likely to not work well with OTP. WiFi clients want to cache the passwords for days. This is because the systems can connect and disconnect multiple times in an hour. Entering an OTP code *every time* you connect to Wifi is difficult and annoying.
tried to follow this http://lists.freeradius.org/pipermail/freeradius-users/2016-November/085830.... however not getting it to work
Fri Aug 23 12:28:17 2019 : Debug: (3) Auth-Type Perl { Fri Aug 23 12:28:17 2019 : Debug: (3) modsingle[authenticate]: calling perl (rlm_perl)
Follow the documentation for what to post to the list. This isn't difficult. And what you posted isn't what we need to see.
Fri Aug 23 12:28:17 2019 : Debug: (3) perl: &reply:Reply-Message = $RAD_REPLY{'Reply-Message'} -> 'LinOTP server denied access!'
That's pretty clear. Alan DeKok.