can EAP-PEAP-GTC use email pop3 server to authenticate?
d tbsky
tbskyd at gmail.com
Wed Mar 18 16:45:06 CET 2015
hi:
I am using freeradius 3.0.1 at scientific linux 7.0.
I want to use our pop3 server as database for wireless wpa authentication.
(the eap-peap-mschapv2 works fine with our Active Directory. but for
some reason we need another method).
I try to test the idea as two parts:
1. setup a "test1" user at /etc/raddb/users like this
test1 Cleartext-Password := "testtest"
and use EAP-PEAP-GTC at windows client to test it, it works fine.
2. write a perl script to authenticate via pop3 server.
I use "radtest 'user at domain' my-pop3-password 127.0.0.1:18120 0
testing123" to test,
it works fine.
the modification part of my inner-tunnel config is like below:
authorize {
pop3
if (ok || updated) {
update control {
Auth-Type := POP3
}
}
}
Auth-Type POP3 {
pop3
}
3. I can not combine above to the final result. I can not use
EAP-PEAP-GTC from windows to authenticate via pop3 server.
when I debug the perl script, I found no password input when using
"EAP-PEAP-GTC". I try modify many settings but still can not get it
work. so I wonder if my concept is wrong. is that possible to use
EAP-PEAP-GTC against a pop3 server, or we need a cleartext-password
file when using EAP-PEAP-GTC? I try to make the perl script dump
%RED_REQUEST as below when using EAP-PEAP-GTC:
$VAR1 = {
'User-Name' => 'xxx at xxxxxx',
'EAP-Message' => '0x020f00060306',
'Realm' => 'xxxxxxxxx',
'State' => '0x2dec2f402de335af33348f2ebbe6e91d',
'Stripped-User-Name' => 'xxxx',
'EAP-Type' => 'NAK',
'FreeRADIUS-Proxied-To' => '127.0.0.1'
thanks a lot for help!!
Regards,
tbskyd
More information about the Freeradius-Users
mailing list