Change between 2.2.1 and 2.2.2

Alex Sharaz alex.sharaz at york.ac.uk
Fri Nov 1 17:27:54 CET 2013


Hi,
There seems to be a change that’s happened between vsn 2.2.1 and 2.2.2

We’re in the process of implementing a phased take-over of  the management of our CSE dept radius services. What I’m doing is

1). Point CSE switches at our radius server
2) Check mac address of client ( calling station id)
3). If I know about it, perform mac-auth and send access accept with appropriate parameters
4). If I don’t know about it proxy it off to another server which in turn proxies it off to the  CSE  radius service and act upon the result that comes back. 

This all worked just fine for 2.2.0 and 2.2.1.In the log file I’d also see entries of the form 

Fri Nov  1 16:17:10 2013 : Auth: Login incorrect (Home Server says so): [<blah!>/<CHAP-Password>] (from client nasaaa5 port 48 cli <mac-address of client>)

Which is fine, it just means that I don't know that mac address and neither does the remote (CSE)  server. It’s usually a client that is trying to do a macauth 1st and then an EAP auth with user credentials.

An  upgrade to 2.2.2 caused these messages to disappear. I saw another freeradius message to day that implied theres been a change that silently drops access-rejects instead of passing them back up the food chain to the client  … or something like that…. managed to delete the message :-(( 

If that’s the case, how do I get the 2.2.1/2.2.0 functionality back please.

Rgds
Alex

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20131101/0c77b093/attachment-0001.html>


More information about the Freeradius-Users mailing list