can EAP-PEAP-GTC use email pop3 server to authenticate?

d tbsky tbskyd at
Wed Mar 18 16:45:06 CET 2015

    I am using freeradius 3.0.1 at scientific linux 7.0.
I want to use our pop3 server as database for wireless wpa authentication.
(the eap-peap-mschapv2 works fine with our Active Directory. but for
some reason we need another method).
I try to test the idea as two parts:

1. setup a "test1" user at  /etc/raddb/users like this
   test1 Cleartext-Password := "testtest"
   and use EAP-PEAP-GTC at windows client to test it, it works fine.

2. write a perl script to authenticate via pop3 server.
    I use "radtest 'user at domain' my-pop3-password 0
testing123" to test,
    it works fine.

     the modification part of my inner-tunnel config is like below:
     authorize {
        if (ok || updated) {
               update control {
                        Auth-Type := POP3
     Auth-Type POP3 {

  3. I can not combine above to the final result. I can not use
EAP-PEAP-GTC from windows to authenticate via pop3 server.
when I debug the perl script, I found no password  input when using
"EAP-PEAP-GTC". I try modify many settings but still can not get it
work. so I wonder if my concept is wrong. is that possible to use
EAP-PEAP-GTC against a pop3 server, or we need a cleartext-password
file when using EAP-PEAP-GTC?  I try to make the perl script dump
%RED_REQUEST as below when using EAP-PEAP-GTC:

$VAR1 = {
          'User-Name' => 'xxx at xxxxxx',
          'EAP-Message' => '0x020f00060306',
          'Realm' => 'xxxxxxxxx',
          'State' => '0x2dec2f402de335af33348f2ebbe6e91d',
          'Stripped-User-Name' => 'xxxx',
          'EAP-Type' => 'NAK',
          'FreeRADIUS-Proxied-To' => ''

   thanks a lot for help!!


More information about the Freeradius-Users mailing list