captive portal auth with freeradius

Matthew Newton mcn4 at
Fri Apr 19 15:59:34 CEST 2013

On Fri, Apr 19, 2013 at 06:15:09PM +0530, Chitrang Srivastava wrote:
> tried what Matthew suggest  , in authorize section and it worked. Whole
> issue is captive portal is sending a non-EAP message with User-Password set
> , in this case we have to set auth type as ldap.

It's obvious from your debug output that

 - your LDAP module isn't setting Auth-Type for some reason
 - your LDAP server isn't returning any sort of password (plain or

and therefore you probably need to try and do that horrible hack
of binding to the LDAP server to auth. Really, Alan is right -
LDAP is not an authentication server, even though lots of people
seem to think it is.

Hence the suggestion to "fix" your problem by setting Auth-Type,
iff it has not already been set, when not doing EAP and
User-Password is supplied.

The best solution is to fixup your LDAP server to return the
crypted password back to FreeRADIUS. Like already pointed out, if
it's AD, this isn't likely to happen.


Matthew Newton, Ph.D. <mcn4 at>

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp at>

More information about the Freeradius-Users mailing list