Freeradius rlm_pam

Mark ctesias2 at gmail.com
Sun Feb 12 18:59:15 CET 2012


On Sun, Feb 12, 2012 at 1:34 AM, Alan DeKok <aland at deployingradius.com> wrote:
> Mark wrote:
>  Then read the comments in raddb/eap.conf.  Look for "gtc".  It
> documents how to get GTC working with other methods.

Thanks!  It wasn't entirely clear to me at first from that
documentation how to achieve my goal.  But after changing the default
eap type to gtc and the line auth_type in the GTC section of the
eap.conf file, it works.

In order to provide a record for anyone who might stumble upon this
chain from a search engine, here are the steps I took to make EAP-GTC
+ Pam Auth work:
1. Added wap to the clients file
2. Put certs in eap.conf file
3.  Uncommented pam in the sites-available/default file
4.  changed copy_request_to_tunnel to yes
5.  Uncommented Pam in sites-available/innner-tunnel
6. forced the auth type to pam in inner-defualt
7.  Changed default eap type to gtc
8  In the GTC section for eap.conf, change the line that says:

auth_type = PAP

to:

auth_type = PAM

Thanks for the great software!

Mark




More information about the Freeradius-Users mailing list