Alternate server certificate

Garber, Neal Neal.Garber at energyeast.com
Sat Jul 25 00:00:06 CEST 2009


>> So, what causes the eap module to return "fail".  There are no
>> other messages indicating why it is failing (that I see).  Here's
>> output at startup showing that both were instantiated:
>
>You should replace eap in authenticate with those two instances as well.

Thank you again for your help Ivan.  I'm not sure if you saw my last msg
which gives more info about the eap failure (it can't find the eap instance
in the dictionary).

I already tried adding the code to the authenticate section; but, I got
errors when it tried to process the unlang.  I figured since it was failing 
in authorize that I would worry about the authenticate section later.  

Anyway, here's the error I get:

Fri Jul 24 17:51:07 2009 : Debug:  Module: Checking authenticate {...} for more modules to load
Fri Jul 24 17:51:07 2009 : Error: /usr/local/etc/raddb/sites-enabled/default[40]: Unknown Auth-Type "(Cisco-AVPair =~ /ssid=(.*)/)" in authenticate sub-section.

And here's what's in my authenticate section:

authenticate {
        if (Cisco-AVPair =~ /ssid=(.*)/) {
           update request {
                SSID-Name = "%{1}"
           }
        }
        files
        machine_UserName
        Auth-Type PAP {
                pap
        }
        Auth-Type CHAP {
                chap
        }
        Auth-Type MS-CHAP {
                mschap
        }
        if (SSID-Name) {
           if (SSID-Name == "XX-Barcode") {
              eap-internal
           }
           elsif (SSID-Name == "XX-Corp") {
              eap-internal
           }
           elsif (SSID-Name == "EE-Barcode") {
              eap-internal
           }
           else {
              eap-comodo
           }
        }
        else {
           eap-comodo
        }
#       eap-internal





More information about the Freeradius-Users mailing list