LDAP Groups and EAP

Alan DeKok aland at deployingradius.com
Sat Jan 12 09:40:39 CET 2008


Brian Wilson wrote:
>      I am running Freeradius 1.1.0

  Please upgrade to at least 1.1.7.  It solves a lot of security issues,
*and* helps with the problem you're seeing, too.

>     When I try to authenticate, the radius server receives about 7
> Access-requests.

  That's the way EAP works.

>        Notice that there is no additional call to ldap_group between the
> authorize and the resulting failure in the files module.

  The *inner* tunnel session doesn't match a huntgroup.

>      Is there something i'm missing in the configuration file?

  I would suggest trying 2.0.  The new virtual server feature should
make this configuration much simpler.  The new "unlang" feature should
also simplify the writing of policies.

  Alan DeKok.



More information about the Freeradius-Users mailing list