Authentication failing when using *@domain.com
Ryan Garrett
rjgarrett at gmail.com
Tue Oct 19 17:02:22 CEST 2010
Alan,
There must be something I am not understanding, as I am unclear on what I
need to be adding to proxy.conf. And from what I can tell, inner-tunnel
doesn't need to be touched with the way I am configuring, or is that
incorrect?
If my realm is testlab.net, do I just need an entry that is:
realm testlab.net {
}
? Or am I still not getting something?
On Mon, Oct 18, 2010 at 1:56 AM, Alan DeKok <aland at deployingradius.com>wrote:
> Ryan Garrett wrote:
> > I have a test account setup within a test domain.
> > The username is "dadmin". If I authenticate with just "dadmin" it works
> > fine, I get an access accept response and I am up and running.
>
> OK.
>
> > However, if I try "dadmin at testlab.net"
> > authentication is rejected.
>
> Because names are just strings. The strings "dadmin" and
> "dadmin at testlab.net" are different.
>
> > My main concern is the fact that during the
> > process, it says "testlab.net" was not found, using
> > NULL for the Realm.
>
> Yes... because you didn't configure the realm. See raddb/proxy.conf.
>
> In 2.1.10, read raddb/sites-available/inner-tunnel. Test that with
> "radtest" and "dadmin at testlab.net". Once that works, PEAP will work.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20101019/196673e5/attachment.html>
More information about the Freeradius-Users
mailing list