Question on logging EAP/PEAP authentication rejections

Josh Hiner josh at remc1.org
Tue Mar 20 22:24:29 CET 2012


Ok. I did follow this advice:

<snip>
>    Ok I went back, looked at the config, and used some common sense to
figure
>    part of it out. I have it now logging replys for rejects using the


...to remind you what Alan said:

>      �Read raddb/sites-available/default. �Look for Post-Auth-Type Reject.
>
>      �This is documented.


in post-auth section


       Post-Auth-Type REJECT {
               attr_filter.access_reject
       }

put things in that bit
<snip>

What advice didnt I follow? Thats all the advice I was given. Put stuff in
there (Post-Auth-Type REJECT) which I did do. First I tried reply_log
(which didnt log username) so after much trial I modified linelog. I
couldnt find documentation even with searching online about what to put in
there. I pretty much guessed in the end. If there is documentation on
Post-Auth-Type REJECT { that is more than a paragraph please point me to it
I'd be very interested in it. I cant follow advice thats not given to me or
to read documentation that seems to be impossible to find? Im just confused
on the replys I received. Oh well.

Thanks -Josh

On Tue, Mar 20, 2012 at 4:27 PM, Alan Buxey <A.L.M.Buxey at lboro.ac.uk> wrote:

> Hi,
>
> >    being a mooch. The only reason I can think of such short and erroneous
> >    replies is that some people helping on the list are generally annoyed
> by
> >    any questions. That is too bad. A quick reply of "use linelog" would
> have
> >    been helpful. Why not help people?
>
> ...or it could be that we've been running FreeRADIUS for a long long time
> and
> the method we said works for us....but you've decided on some other way of
> path.
> back in the 0.x days you'd have been SOOL, in 1.x days it would have been
> code
> changes...in 2.x days there are a few ways you can do it. you were told
> the best
> way of doing it - but you chose another valid way.  <shrug>
>
> alan
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120320/b82c8105/attachment-0001.html>


More information about the Freeradius-Users mailing list