Problem in PEAP authentication with SSID check

Alan DeKok aland at nitros9.org
Wed Apr 19 16:04:13 CEST 2006


Antonio Matera <antonio.matera at create-net.it> wrote:
> I can't authenticate my client with PEAP when in the user I set the SSID 
> check.
> My user is the following:
> 
> cn-test  Cisco-AVPair == "ssid=cn-test", User-Password == "ciao"

  The password checks are done *inside* of the TLS tunnel.  The
Cisco-AVPair attribure is sent *outside* of the tunnel.

  You're trying to check two independent things with one entry in the
"users" file.

> my PEAP configuration is:
> 
> 
> peap {
> 
> 			 default_eap_type = mschapv2
> 		#	copy_request_to_tunnel = no

  Uncomment the last line and it will work.

  Alan DeKok.



More information about the Freeradius-Users mailing list