Using Attributes to differentiate between different EAP types

nmcdavit at nmcdavit at
Mon Sep 14 22:47:31 CEST 2009

I have configured a Freeradius server to work with PEAP using NTLM_AUTH.
Everything worked fine and tested out perfectly.

Since then I added a configuration for EAP_TTLS, which really just means I
added a configured LDAP module “ldap_myconfig” into the inner-tunnel.
Unfortunately the PEAP connection no longer works, but the TTLS does. PEAP
is my default EAP type.

So I’m pretty sure the simplest fix is to just have a if operator and for
something like

If(rlm_eap_type == “EAP/TTLS”)

{ ldap_myconfig}

The only problem is that I have not seen any such attribute for
freeradius. I figure there should very well be something akin to that as a
run time variable correct?


Nathan Van Fleet

More information about the Freeradius-Users mailing list