Failed retrieving values required to evaluate condition
Christoph Litauer
litauer at uni-koblenz.de
Tue Apr 30 11:07:54 CEST 2019
Dear Freeradius-Users,
I am not an experienced radius admin, so maybe you can give me a hint. I read the manuals, the logs and google, but without success.
My wlan users authenticate themselves against eap/ldap. But for guests I generate a file with credentials. This worked for some years now.
Because of changing root certificates I had to introduce two different eap-configurations (eap and eapoldca). These are used in the default site and inner-tunnel site via switch that decides on the outer User-Name which certificates are used. So I changed
eap {
ok = return
}
to
if (&User-Name == "eduroam at uni-koblenz.de") {
eap {
ok = return
}
} else {
eapoldca {
ok = return
}
}
This works for all wlan users except guests. If a guest tries to authenticate, at the end I get
(8) if (&Called-Station-SSID == "ubnt") {
(8) ERROR: Failed retrieving values required to evaluate condition
This is because Called-Station-SSID is unset at this point. I don't think this is the root cause, instead the reason seems to be, that the "ok = return" statements exit the if ()-clause but not the authorize section.
But as I said, I am not an expert ...
You will find sites-enabled/{default,inner-tunnel}, mods-enabled/eap und a log file here: https://cloud.uni-koblenz-landau.de/s/cBrpcCgCAp9JjTr
The radius log was generated while trying to connect to SSID ubnt using test/test as authentication.
Any help is greatly appreciated.
--
Kind regards
Christoph
_________________________________________
Uni Koblenz, Computing Centre, Office A 022
Postfach 201602, 56016 Koblenz
Fon: +49 261 287-1311, Fax: -100 1311
More information about the Freeradius-Users
mailing list