wpa2 - huntgroup problems -fixed
Hans Bornemann
hans.bornemann at uni-dortmund.de
Thu Apr 10 15:15:22 CEST 2008
Hi,
huntgroups and PEAP works, if you set
copy_request_to_tunnel = yes
in eap.conf.
eap.conf:
...
peap {
# The tunneled EAP session needs a default
# EAP type which is separate from the one for
# the non-tunneled EAP module. Inside of the
# PEAP tunnel, we recommend using MS-CHAPv2,
# as that is the default type supported by
# Windows clients.
default_eap_type = mschapv2
# the PEAP module also has these configuration
# items, which are the same as for TTLS.
copy_request_to_tunnel = yes
....
hans
On Thu, 2008-04-10 at 12:50 +0200, Hans Bornemann wrote:
> Hi,
>
> maybe a missunderstanding. The authentication with crypt-password works
> fine. The authentication with nt-passwords only works, if no huntgroup
> is defined in the database.
>
> if huntgroup is defined:
> rlm_sql (sql): No matching entry in the database for request from user
>
> if not:
> modcall[authorize]: module "sql" returns ok for request 0
>
> i have checked the debug - the nas-ip is the same as defined in the
> huntgroupsfile
>
> thanks
> Hans
>
>
>
>
> On Thu, 2008-04-10 at 10:49 +0100, Phil Mayers wrote:
> > Hans Bornemann wrote:
> > > Hi,
> > >
> > > did you mean the operator for the huntgroups?
> >
> > No. Crypt-Password
> >
> > >
> > > hans
> > >
> > >
> > > On Thu, 2008-04-10 at 10:29 +0100, Phil Mayers wrote:
> > >> Hans Bornemann wrote:
> > >>> Hi,
> > >>>
> > >>> I have a problem with huntgroups and wpa2. It concerns the following:
> > >>>
> > >>> First, huntgroups works with ntradping and crypt-passwd:
> > >>>
> > >>> mysql-db
> > >>>
> > >>> unzinn | NT-Password | := | 7C53CFA5EA7D0F9B3B968AA0FB51A3F5
> > >>> unzinn | crypt-password | == | $1$7ftISFCW$xp.n8LMOxfPD7GqdSJqZC1
> > >> This is wrong; remove it, or set the operator to :=
> >
> > -
> > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Hans Bornemann
Universitaet Dortmund - ITMC
Tel. ++49 231 755 2132 Fax. ++49 231 755 2731
More information about the Freeradius-Users
mailing list