Logging ntlm authentication
James J J Hooper
jjj.hooper at bristol.ac.uk
Tue Sep 7 15:32:22 CEST 2010
--On Tuesday, September 07, 2010 14:11:42 +0100 Sion <mleasd at gmail.com>
wrote:
> On Tue, Sep 7, 2010 at 8:45 AM, Alan DeKok <aland at deployingradius.com>
> wrote:
>> Sion wrote:
>>> On Mon, Sep 6, 2010 at 12:54 PM, Alan DeKok <aland at deployingradius.com>
>>> wrote:
>>>> Sion wrote:
>>>>> I've also tried outer.reply, but I'm still not seeing it show up in
>>>>> my logs.
>>>> <sigh> And the debug log says... ?
>>
>> Just set "use_tunneled_reply = yes"
>>
>
> That had already been set, this is my peap config:
>
> peap {
> default_eap_type = "mschapv2"
> copy_request_to_tunnel = yes
> use_tunneled_reply = yes
> proxy_tunneled_request_as_eap = yes
> virtual_server = "inner-tunnel"
> }
>
Hi,
Something like the below should copy the messge to the outer tunnel, but
it seems the next packet sent is a Challenge, not reject/accept. Therefore
the message does not persist until reject/accept time.
authenticate {
Auth-Type MS-CHAP {
eduroamlocalmschap {
reject = 1
}
if (reject) {
update outer.reply {
MS-CHAP-Error := "%{reply:MS-CHAP-Error}"
}
reject = return
}
}
...
}
-James
--
James J J Hooper
University of Bristol
http://www.wireless.bristol.ac.uk
--
More information about the Freeradius-Users
mailing list