captive portal auth with freeradius
Olivier Beytrison
olivier at heliosnet.org
Wed Apr 17 14:54:58 CEST 2013
On 17.04.2013 14:32, Chitrang Srivastava wrote:
> I am using LDAP server as datasource
> Attaching logs
>
You're doing PAP against LDAP.
This is the ONLY situation where Auth-Type should be set to ldap
looking at modules/ldap, we have
#
# By default, if the packet contains a User-Password,
# and no other module is configured to handle the
# authentication, the LDAP module sets itself to do
# LDAP bind for authentication.
#
# THIS WILL ONLY WORK FOR PAP AUTHENTICATION.
#
# THIS WILL NOT WORK FOR CHAP, MS-CHAP, or 802.1x (EAP).
#
# You can disable this behavior by setting the following
# configuration entry to "no".
#
# allowed values: {no, yes}
# set_auth_type = yes
So freeradious *should* set auth-type to LDAP.
We *should* see a "Setting Auth-Type = ldap" in the debug.
Yet it don't do it.
You messed the default *working* configuration provided with freeradius.
There's a lot of stuff in your config that are just useless.
Again, start with the default, working config, then change one thing
after another. What you are trying to do works with the default
configuration shipped with Freeradius.
Olivier
--
Olivier Beytrison
Network & Security Engineer, HES-SO Fribourg
Mail: olivier at heliosnet.org
More information about the Freeradius-Users
mailing list