Logging ntlm authentication
Garber, Neal
Neal.Garber at iberdrolausa.com
Wed Sep 8 23:02:29 CEST 2010
> Hmm... OK. The issue appears to be that the tunneled reply is saved
> for Access-Accept, but not Access-Reject.
> See "accept_vps" in rlm_eap_peap/*. Something similar needs to be
> done for reject, and for TTLS.
You are a gentleman and a scholar! I have made the changes as you suggested for PEAP and tested PEAP-MSCHAPv2. It works! I am now able to log the output from ntlm_auth and MS-CHAP-Error. I'm also excited about the improved TLS logging in 2.1.10.
I will add the code for TTLS now. Unfortunately, I don't have a way to test that as I don't believe eapol_test supports TTLS and we don't use it. I suppose someone else can test it once I upload the patch (which I will do after I make the TTLS changes).
Thanks again Alan.
More information about the Freeradius-Users
mailing list