Cisco WLC4402 - 802.1X - Android - Tunnel-Priv-Group-ID Failure
Alan Buxey
A.L.M.Buxey at lboro.ac.uk
Wed Aug 11 21:29:03 CEST 2010
Hi,
> Using Android 2.2 I had to put the username in both the identity and the
> anonymous identity and it worked correctly.
>
> I am still figuring out how to make it auth based on the internal username
> rather than the external.
use the EAP section and ensure that its an EAP part - but this is a whole lot
cleaner and easier with FreeRADIUS 2.x - in which the EAP inner gets sent to a new
virtual server (by default named 'inner-tunnel') in which you do the authentications
and....more importantly authorizations.
regarding the auth on internal - copy the EAP inner to the outer identity (eap.conf -
check the peap and ttls sections) - and then do the VLAN part in the post-auth section.
I'm trying to think back to when I used 1.x and realise that I couldnt do - or at
least trivially do! half of the stuff I can do with 2.x - its well worth the
migration!
alan
More information about the Freeradius-Users
mailing list