FreeRADIUS 3.0.12 + openLDAP + Apple access point?
Tobias Balle-Petersen
tobiasbp at gmail.com
Thu Dec 7 09:47:06 CET 2017
It seems like the problem is with my huntgroup.
In users:
This will allow me to log in from the access point:
DEFAULT Ldap-Group == "wifi-cph"
With this definition I am rejected:
DEFAULT Ldap-Group == "wifi-cph", Huntgroup-Name == "accesspoints-lan"
The huntgroup from the huntgroups file
# Group of accesspoint. Login from those, and you needi
# to be a member of the wifi-copenhagen group (LDAP)
accesspoints-lan NAS-IP-Address == 172.22.33.11
accesspoints-lan NAS-IP-Address == 172.22.33.22
accesspoints-lan NAS-IP-Address == 172.22.33.30
accesspoints-lan NAS-IP-Address == 172.22.33.33
accesspoints-lan NAS-IP-Address == 172.22.33.34
This is what I get when the access point connects:
Thu Dec 7 09:28:15 2017 : Debug: (11) User-Name = "***"
Thu Dec 7 09:28:15 2017 : Debug: (11) NAS-IP-Address = 172.22.33.33
Maybe the NAS-IP-Address is not available in the inner tunnel?
More information about the Freeradius-Users
mailing list