FreeRadius - Wifi - Active directory (Eap-Peap-MSCHAP)

A.L.M.Buxey at A.L.M.Buxey at
Fri May 6 13:49:28 CEST 2016


> rad_recv: Access-Request packet from host port 59985, id=177, length=173
>         User-Name = "galaxy\\test"

yes, thats how windows will send a userid by default - the logged in user most likely....
it will be their windows username/password - which might be different to their AD one
(eg own device)

if you want to authenticate such requests then you need to 1) ensure password is correct
2) deal with the username - eg using the required mschap and with_ntdomain_hack  etc
and ensuring the the DOMAIN part is dealt wiht in proxy.conf as a local domain....and
finally this stuff will all go through the EAP layer - so, by default, through inner-tunnel
virtual server so ensure that is correctly configured  


More information about the Freeradius-Users mailing list