FR2.1.7 with EAP-TTLS/PAP and LDAP
Caius
caiuspolgar at yahoo.com
Mon Nov 16 14:04:08 CET 2009
Hi Alan,
i told myself that i should try and enable the ldap module in the authorize section, nothing wrong in that ;)
and now it works...
so now in my inner-tunnel file i got:
server inner-tunnel {
authorize {
suffix
update control {
Proxy-To-Realm := LOCAL
}
eap {
ok = return
}
ldap
expiration
logintime
pap
}
authenticate {
Auth-Type PAP {
pap
}
Auth-Type LDAP {
ldap
}
}
....
}
it works like this, but im still not sure if this is the recommended way :D
thanks and best regards
Caius Pargar
--- On Mon, 11/16/09, Alan Buxey <A.L.M.Buxey at lboro.ac.uk> wrote:
> From: Alan Buxey <A.L.M.Buxey at lboro.ac.uk>
> Subject: Re: FR2.1.7 with EAP-TTLS/PAP and LDAP
> To: "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
> Date: Monday, November 16, 2009, 2:44 PM
> Hi,
> > Hi Alan,
> >
> > i checked my sites-available/inner-tunnel file:
> >
> > in authorize section everything is commented, except:
> eap and pap (ldap is commented).
> >
> > in authneticate section i have
> > Auth-Type PAP {
> >
> pap
> > }
> >
> > Auth-Type LDAP {
> >
> ldap
> > }
> >
> > the rest is commented
>
> IIRC this is one of those wierd times when you need to have
> a
>
> DEFAULT Auth-Type := LDAP
>
> att he bottom of your users file. I may be
> wrong...but i think EAP+LDAP is
> a funny beast
>
> alan
>
More information about the Freeradius-Users
mailing list