Autz-type LDAP, Auth-Type MSCHAP possible ? (for vlan assignment)
tnt at kalik.net
tnt at kalik.net
Wed Feb 18 15:59:51 CET 2009
>- User file new looks like :
>DEFAULT Ldap-Group == "cn=vlan1,ou=vlans,dc=test,dc=fr", Autz-Type := LDAP
> Tunnel-Type = VLAN,
> Tunnel-Medium-Type = IEEE-802,
> Tunnel-Private-Group-Id = 2,
> Reply-Message = "ok"
>
Remove that Autz-Type := Ldap
>- Into the sites-enabled/default & inner-tunnel :
>authorize {
> preprocess
> Autz-Type LDAP {
> ldap
> }
>From there as well.
> eap {
> ok = return
> }
> files
> ldap
> expiration
> logintime
>}
>authenticate {
> Auth-Type PAP {
> pap
> }
> Auth-Type CHAP {
> chap
> }
> Auth-Type MS-CHAP {
> mschap
> }
> eap
>}
>
>In conclusion, the supplicant got an access-accept but nothing else (like
>the vlan #2 assignment).
Post the debug.
Ivan Kalik
Kalik Informatika ISP
More information about the Freeradius-Users
mailing list