very long regular expression...
Phil Mayers
p.mayers at imperial.ac.uk
Sat Nov 25 15:57:35 CET 2006
Norbert Grochal wrote:
>
> OK, It almost works fine, but if there is no mac in my mac2ok file then
> users file doesn't put REJECT into Auth-Type.
> I have added that line at the begining of users file:
>
> DEFAULT Auth-Type := REJECT, My-Local-String !* "a"
>
> and if there is no mac in mac2ok file then user cannot login into network.
>
> but if there is mac in mac2ok file (so My-Local-String exist) I have always:
>
> rlm_eap_peap: Had sent TLV failure, rejecting.
Just showing that one line is useless. You need to post the entire debug
output of "radiusd -X" so we can see the entire EAP conversation to
determine the problem.
>
> My freeradius version is 1.1.0
>
> If I remove the first line from users file all is ok. Users can login only
> from specified access points.
>
> The first line in users file works fine, if there is no mac in mac2ok
> file...
I'm sorry, I don't really understand. Could you try re-phrasing the problem.
You could maybe try something like this in "users".
DEFAULT My-Local-String == "ok"
Fall-Through = No
DEFAULT Auth-Type := Reject
>
> Can I add at the begining or at the end (?) of mac2ok file something like
> *:bad
> and everything will be 'bad' but ok will be overwritten by 'good' ??
No. You would use appropriately-ordered "users" file entries for that
kind of logic
More information about the Freeradius-Users
mailing list