FR and PEAP question
Ivan Kalik
tnt at kalik.net
Tue Jun 10 16:02:24 CEST 2008
FreeRADIUS-Proxied-To == 127.0.0.1 will match only for eap requests. You
can't test for it with pap requests (radtest).
Ivan Kalik
Kalik Informatika ISP
Dana 10/6/2008, "Matt Ashfield" <mda at unb.ca> piše:
>I thought it would get referenced because in my users file I have:
>
>DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Huntgroup-Name == UNBFWSS,
>unbldap-Ldap-Group == staff, Autz-Type := Ldap1
> User-Name=`%{User-Name}`,
> Tunnel-Private-Group-Id=staff,
> Tunnel-Type=VLAN,
> Fall-Through = no
>
>And in huntgroups I have this. Although I am unsure if this is correct.
>UNBFWSS NAS-IP-Address == 127.0.0.1
>
>
>Matt
>mda at unb.ca
>
>
>-----Original Message-----
>From: freeradius-users-bounces+mda=unb.ca at lists.freeradius.org
>[mailto:freeradius-users-bounces+mda=unb.ca at lists.freeradius.org] On Behalf
>Of Ivan Kalik
>Sent: Tuesday, June 10, 2008 10:36 AM
>To: freeradius-users at lists.freeradius.org
>Subject: RE: FR and PEAP question
>
>>The password that is being supplied by radtest is in plain-text, should I
>be
>>supplying it in ntPassword-encrypted format?
>
>No.
>
>>
>>It looks to me like I have something wrong with my authenticate section.
>>
>>My authorize section looks like:
>>authorize {
>> preprocess
>> chap
>> mschap
>> suffix
>> eap
>> Autz-Type Ldap1 {
>> redundant-load-balance{
>> unbldap
>> unbldap2
>> }
>> mschap
>> }
>>}
>>
>
>Not really. You just haven't called that Autz-Type anywhere.
>
>Ivan Kalik
>Kalik Informatika ISP
>
>-
>List info/subscribe/unsubscribe? See
>http://www.freeradius.org/list/users.html
>
>
More information about the Freeradius-Users
mailing list