Debug output changes
A.Cudbard-Bell at sussex.ac.uk
Thu May 3 15:42:06 CEST 2007
Alan DeKok wrote:
> Arran Cudbard-Bell wrote:
>> It is , far far far easier to understand, especially when loading the
>> config files... as the text scrolling down the screen actually resembles
>> the config file you've just been editing.
> Thanks. That's what the intention was.
>> Just to clarify with EAP
>> updated -> I need to do db lookups to get password hashes etc
>> ok -> I'm processing an eap conversation , so don't bother with the
>> other modules.
>> noop -> Theres no eap message so i'm not going to do anything.
> Yes. See the comments around "eap" in the "authorize" section of
> "radiusd.conf" in the latest CVS.
> Alan DeKok.
> http://deployingradius.com - The web site of the book
> http://deployingradius.com/blog/ - The blog
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
Ok so in a EAP conversation
EAP will return updated on the start of the conversation
To save establishing the TLS connection for a user which can never be
On inner encryption start , so the initial challenge if your using
Possibly to calculate the challenge (I don't know the inner workings of
When the response from the challenge is recieved.
Obviously needed to check the response is correct.
And then finally, when the user has to be authorised.
So you've halved the load on the db for EAP-PEAP :)
And now theres no need to mess about with Authz-Types ...
So no need to put the original source ip in internally forwarded packets.
Ok well, thats fixed just about all the issues I had with freeRADIUS.
Hows that book coming ? :)
Arran Cudbard-Bell (A.Cudbard-Bell at sussex.ac.uk)
Authentication, Authorisation and Accounting Officer
Infrastructure Services | ENG1 E1-1-08
University Of Sussex, Brighton
EXT:01273 873900 | INT: 3900
More information about the Freeradius-Devel