captive portal auth with freeradius

Chitrang Srivastava chitrang.srivastava at gmail.com
Wed Apr 17 15:37:14 CEST 2013


Thanks , I am trying to MSCHAPv2 (TTLS or PEAP ) or GTC with LDAP
I see that rlm_ldap.c will set Auth-Type as ldap based on set_auth_type
=yes and 3 other flags,
tried but it didn't worked ,
I will try from scratch

On Wed, Apr 17, 2013 at 6:24 PM, Olivier Beytrison <olivier at heliosnet.org>wrote:

> On 17.04.2013 14:32, Chitrang Srivastava wrote:
> > I am using LDAP server as datasource
> > Attaching logs
> >
>
> You're doing PAP against LDAP.
>
> This is the ONLY situation where Auth-Type should be set to ldap
>
> looking at modules/ldap, we have
>
>         #
>         #  By default, if the packet contains a User-Password,
>         #  and no other module is configured to handle the
>         #  authentication, the LDAP module sets itself to do
>         #  LDAP bind for authentication.
>         #
>         #  THIS WILL ONLY WORK FOR PAP AUTHENTICATION.
>         #
>         #  THIS WILL NOT WORK FOR CHAP, MS-CHAP, or 802.1x (EAP).
>         #
>         #  You can disable this behavior by setting the following
>         #  configuration entry to "no".
>         #
>         #  allowed values: {no, yes}
>         # set_auth_type = yes
>
> So freeradious *should* set auth-type to LDAP.
> We *should* see a "Setting Auth-Type = ldap" in the debug.
> Yet it don't do it.
>
> You messed the default *working* configuration provided with freeradius.
> There's a lot of stuff in your config that are just useless.
>
> Again, start with the default, working config, then change one thing
> after another. What you are trying to do works with the default
> configuration shipped with Freeradius.
>
> Olivier
> --
>
>  Olivier Beytrison
>  Network & Security Engineer, HES-SO Fribourg
>  Mail: olivier at heliosnet.org
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130417/37d9e950/attachment-0001.html>


More information about the Freeradius-Users mailing list