Freeradius 2 , TTLS/PAP, multiples questions
Jérôme BERTHIER
jerome.berthier at inria.fr
Fri Apr 17 12:01:35 CEST 2009
Hi,
I'm trying to configure Freeradius 2 to implement EAP/TTLS-PAP
authentication method on my Cisco AP1242. It works but I'd like some
precisions to get configuration files as small as possible.
What is the shortest way to configure it ?
authorize {
preprocess
auth_log
suffix
eap {
ok = return
}
files
ldap
pap
}
authenticate {
Auth-Type PAP {
pap
}
Auth-Type LDAP {
ldap
}
eap
}
Are the lines correct ?
Moreover, I've got trouble to implement few functions.
First, what's the right way to implement check for Simultaneous-Use ?
For cisco nas type, Freeradius seems to use snmp check but where should
I configure SNMP read community in order to make it possible ?
Then, during EAP process, is it possible to check if inner identity
equal outer identity and if not to reject request ?
Finally, I've got problem with NetworkManager under Fedora 9 (not tested
on other distribution). If Session resumption / fast reauthentication
cache is not enabled, clients can't reassociate and ask for session
resumption again. Is there a workaround ?
Thanks
--
Jérôme BERTHIER
Network administrator
INRIA Bordeaux - Sud-Ouest
Service des Moyens Informatiques
05 24 57 40 50
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4304 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090417/9fc2bf13/attachment.bin>
More information about the Freeradius-Users
mailing list