NAS-IP-Address, rlm_perl, and loopback
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Fri Aug 22 09:10:14 CEST 2008
Hi,
> Which explains what's going on. PEAP is really two things: an outer
> TLS session, and inner EAP-MSCHAPv2 authentication. So there are *two*
> streams of RADIUS packets. One that sets up the tunnel, and one that
> does the authentication inside of the tunnel.
yep - so if you only want to define a policy after
successful authentication, you only call the 'perl'
routine in the post-auth section - therefore it
doesnt get called all the time. As Alan pointed out.
You should also ensure that , if this is the case,
you only have the post-auth function defined in the
perl module and in the perl code. no need to have any
other functions enabled.
alan
More information about the Freeradius-Users
mailing list