captive portal auth with freeradius

Chitrang Srivastava chitrang.srivastava at gmail.com
Fri Apr 19 19:12:04 CEST 2013


Ok I will try that out, ntlm_auth module is already configured and works
for radtest and wifi.
So ntlm_auth with captive portal , is that the way to go , as  told by you
? All other captive portal portal server we have to do  like that ?


On Fri, Apr 19, 2013 at 9:56 PM, Matthew Newton <mcn4 at leicester.ac.uk>wrote:

> On Fri, Apr 19, 2013 at 08:59:57PM +0530, Chitrang Srivastava wrote:
> > I am using Microsoft 2003 Active Directory Server , the way wifi
> (MSCHAPv2)
> > works is with ntlm_auth , which does the authentication.
>
> OK, finally the information that's needed.
>
> > The way it works with wifi or radtest is , Auth-Type is set to EAP (it
> > refers to eap.conf ) , it goes to mschap modules(set up TLS channel and
> > then under that) , from there its told to use external program ntlm_auth
> ,
> > which does the authentication and tells radius if its OK or not.
> >
> > What i was trying , is to get similar way working with captive portal as
> > well.
>
> There's an example in raddb/modules/ntlm_auth. Configure that
> file, and then do something like this:
>
> authorize {
> ...
>    if (!EAP-Message && User-Password) {
>      update control {
>        Auth-Type = PAP
>      }
>    }
> }
>
> authenticate {
>   Auth-Type PAP {
>     # pap <-- comment out
>     ntlm_auth
>   }
> }
>
> Then it should take your User-Name and User-Password, check them
> using the ntlm_auth utility rather than the pap module (the
> ntlm_auth "module" is just an instantiation of exec).
>
> Matthew
>
>
>
> --
> Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
>
> Systems Specialist, Infrastructure Services,
> I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
>
> For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130419/a889e431/attachment-0001.html>


More information about the Freeradius-Users mailing list