FR2 EAP-PEAP proxy does not saving attributes
Alan DeKok
aland at deployingradius.com
Thu Sep 17 10:29:23 CEST 2009
Daniil L. Kharoun wrote:
> Required to authorize wireless users by the protocol EAP-PEAP, but,
> unfortunately, the radius of the billing system can not EAP-PEAP. Installed
> freeradius 2.1.6 in proxy mode. Freeradius terminates the tunnel TLS, and
> requests the radius of the billing system goes on algorithm mschapv2.
> Problem - freeradius does not save or pass additional attributes of an access
> point, obtained from the radius of the billing system (attributes for
> example - WISPr-Bandwidth-Max-Up and WISPr-Bandwidth-Max-Down). How to
> solve the problem?
...
> [peap] Tunneled authentication was successful.
> [peap] SUCCESS
> [peap] Saving tunneled attributes for later
...
> Sending Access-Accept of id 231 to 192.168.145.42 port 45920
> User-Name = "10"
> MS-MPPE-Recv-Key =
> 0x95cd48dc452bb7ea093e2a2945d4337a6112847f9ac1dafce280a27713ec34ca
> MS-MPPE-Send-Key =
> 0x34066a293d5a0f0f5269014040f41bc79d125807510bc15bf99f75e7e3307977
> EAP-Message = 0x036b0004
> Message-Authenticator = 0x00000000000000000000000000000000
Hmm... that's awkward. You have "use_tunneled_reply = yes", so it
*should* work.
I'd suggest debugging the code in more detail. There's little else
that can be done.
Alan DeKok.
More information about the Freeradius-Users
mailing list