format input to radclient (or radtest) for EAP-TTLS and EAP-PEAK (MSCHAPv2) test
Alan DeKok
aland at deployingradius.com
Mon May 3 14:36:02 CEST 2010
bslee (HKBU) wrote:
> Question1: I don't have the client and nas environment right now. I
> want to input "EAP-TTLS" and "EAP-PEAP (MSCHAPv2)" respectively into
> radclient (or radtest) to test my freeradius configuration. What should
> be the input to radclient (or radtest) (i.e. the red string in the
> example below)?
radclient does not do EAP. You will need to use "eapol_test". See
http://deployingradius.com for complete instructions.
> Question 2: When freeradius receives a authentication request of either
> one of those 2 types in question 1, a script will be invoked to
> authenticate mysql (i.e. to replace corresponding rlm_eap_xxx module).
Uh... no. That is not at all how it works.
> a. May I know related configurations for invoking the script?
See scripts/exec-program-wait, and "man unlang"
> b. some attributes should be sent to the script from freeradius. What
> are these attributes? How to get these attributes from PHP script?
See above.
> c. After accessing MYSQL, PHP script should return some attributes back
> to freeradius, What are these attributes? How to allow freeradius to
> accept authentication result and those attributes?
See above.
Alan DeKok.
More information about the Freeradius-Users
mailing list