26 Mar
2010
26 Mar
'10
10:41 a.m.
Fred MAISON wrote:
Hello freeradius-users, I search a way to ignore phase1 identity and avoid ldap access during phase1 for EAP-PEAP/mschapv2
See raddb/sites-enabled/inner-tunnel
I have a basic setup which seems to work (eapol-test compiled from hostapd sources), but generate a lot of logs and ldap access during phase1.
Because you configured it to do that. Fix it so that the LDAP lookups happen only in the inner tunnel.
It also fails if outter identity is unknown in ldap (anonymous or other fancy id encoutered in customer's freeradius v1 production auth_logs ...)
Because you configured it to do LDAP lookups during tunnel setup. Why? Alan DeKok.