freeradius-3.0: Using EAP-Type in post-auth processing
Felix Tiede
lists at pc-tiede.de
Wed May 10 16:32:06 CEST 2017
Hello.
With freeradius 2.1 I did a
post-auth {
if (EAP-Type == EAP-TLS) {
update reply {
...
}
updated
}
elsif (EAP-Type == PEAP) {
update reply {
...
}
updated
}
}
With freeradius 3.0 this does not work any longer.
The code above errors out and at least radiusd -X does not start due to
"attribute for value" errors on the if-clauses. Using '&' in front of both
operands yields a short message "Ignoring as always false" during startup and
then nothing happens when PEAP or EAP-TLS requests come in, so clients are
authenticated but not properly authorized and access does not work, as it
relies on the actions performed in 'update reply'.
So, my question is: How do I achieve a similar functionality as above with
freeradius-3.0 unlang?
Thanks in advance for your help.
Regards,
Felix
--
If God had a beard, he'd be a UNIX programmer.
More information about the Freeradius-Users
mailing list