One question about Access-Request packet

K. Hoercher wbhoer at
Fri Jan 19 10:20:19 CET 2007


On 1/18/07, Rafał Kamiński <rafal.kaminski at> wrote:
> Hi again,
> I set EAP-TLS with cert. - i use that text

Sorry, URL seems broken.

> i set in radius.conf
> authorize {
>         files
> }

Put in at least "eap". Better start with the shipped default file an
change (step by step) to meet your needs. Read the comment there above
the "eap" stanza.

> and in users file
> "username-the same what in cert" Auth-Type := EAP

Don't set it. As noted with hilarious regularity on this list. (If you
got that from the maybe then working URL you mentioned, forget it.)
Auth-Type gets perfectly well handled by the eap module in authorize.

> And
> How i must set authentication and authorize if i will use that in future
> with ldap?

That's to general a question to give an useful answer. Keep in mind
that "authenticating" against ldap by binding the user's dn, will not
work for EAP(-PEAP)

K. Hoercher

More information about the Freeradius-Users mailing list