EAP-sim using freeradius

Matthew Newton mcn4 at leicester.ac.uk
Wed Aug 26 01:41:40 CEST 2015


On Tue, Aug 25, 2015 at 04:26:38PM -0700, Siddharth Katragadda wrote:
> With the noop change,  I get:
> 
> 145)     [passwd] = ok
> (145)     if ("%{escape:%{control:EAP-Sim-Rand1}}"=="h"){
> (145)     EXPAND %{escape:%{control:EAP-Sim-Rand1}}
> (145)        -->

So it expanded to nothing.

> (145)     if ("%{escape:%{control:EAP-Sim-Rand1}}"=="h") -> FALSE
> (145) eap: Peer sent EAP Response (code 2) ID 2 length 6
> 
> Does this mean passwd is not saving the values properly after reading them
> from simtriplets.dat?

Or you're reading the wrong file, or something else simple like
that. There's been no significant code changes in rlm_passwd
between 3.0.9 and HEAD, so if it works here then you must have
something wrong in your config. And I used the config you posted
verbatim, so it's probably something very obscure, or more likely
blindingly simple.

Start with a completely clean install. Just set up rlm_passwd to
read the file, no need for eap or anything else like that. Send in
a request, and see if it gets EAP-Sim-Rand1 as expected with the
above expansion. That's what I had here. If so then you've got
something wrong in your config, so start diffing to work out what.

If the simple config doesn't work as expected, post the *whole*
debug output to the list, rather than small bits of it, which
leaves everyone guessing and is incredibly annoying.

Matthew


-- 
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>


More information about the Freeradius-Users mailing list