Unlang to switch between ldaps

Diego Martín Capello diego at ccc.uba.ar
Tue Jun 2 20:25:44 CEST 2009

Alan DeKok escribió:
> ..
>> I want to switch between them based on the NAS-IP-Address of the
>> arriving
>> request, so I've used unlang in the authorize section:
>   ... of the file raddb/sites-enabled/inner-tunnel.

Exactly, but the path is /etc/freeradius/sites-enabled/inner-tunnel,
because i'm using Linux Debian 5.0 (Lenny).

>> POST of the debug mode of freeradius:
>   Which shows it's *not* copying the request to the tunnel.  See eap.conf.

Yes, definitly it shows that, so, in order to fix that, i've added the
following line to the sections ttls and peap in the file eap.conf:

copy_request_to_tunnel = yes

So, I provide support to EAP-TTLS and PEAP-MSCHAPv2 on the wireless network.

> ...
>>   PEAP: Sending tunneled request
>>         EAP-Message = 0x0206001501646965676f406363632e7562612e6172
>>         FreeRADIUS-Proxied-To =
>>         User-Name = "diego at ccc.uba.ar"
>   See?  No NAS-IP-Address.

Yes, I see! And lot of thanks......

>   Alan DeKok.

Diego Martín Capello
Administrador RedUBA
Centro de Comunicación Científica
Universidad de Buenos Aires

More information about the Freeradius-Users mailing list