Default entry to allow all

Fajar A. Nugraha fajar at
Wed Feb 3 03:01:34 CET 2010

On Wed, Feb 3, 2010 at 6:44 AM, Godfrey Peart <grpeart at> wrote:
> I know, that's what baffling me, under my normal setup I get the TLS tunnel
> established and authentication works fine, but here there is no TLS setup
> just
> an accept mesage that matches the default entry but the client doesn't
> connect.
>  Do I need to do any other tweaking concerning the peap setup

Ah, OK.

My guess is it's from the default server. If your client insists on
EAP, then perhaps you can create another instance of files module
(named files2 or whatever), change it to point to a new users file
(usersfile = ${confdir}/users2), then use that module inside
sites-enabled/inner-tunnel. The original users file should be left as
it is (no DEFAULT Auth-Type), while users2 file is edited to have that

... or perhaps you could simply edit sites-enabled/inner-tunnel, on
autorize section add these

               update control {
                       Auth-Type = Accept
               update reply {
                       whatever-attribute-you-need-here = some-value


More information about the Freeradius-Users mailing list