Problem in PEAP authentication with SSID check
Alan DeKok
aland at nitros9.org
Wed Apr 19 16:04:13 CEST 2006
Antonio Matera <antonio.matera at create-net.it> wrote:
> I can't authenticate my client with PEAP when in the user I set the SSID
> check.
> My user is the following:
>
> cn-test Cisco-AVPair == "ssid=cn-test", User-Password == "ciao"
The password checks are done *inside* of the TLS tunnel. The
Cisco-AVPair attribure is sent *outside* of the tunnel.
You're trying to check two independent things with one entry in the
"users" file.
> my PEAP configuration is:
>
>
> peap {
>
> default_eap_type = mschapv2
> # copy_request_to_tunnel = no
Uncomment the last line and it will work.
Alan DeKok.
More information about the Freeradius-Users
mailing list