wifi 802.11 to pap and perl handoff

Linux Threads linuxthreads at gmail.com
Fri Aug 23 15:37:21 CEST 2019 

Hi FR Users,

please can you guide me how to handoff my wifi auth username and password
to FR outer-el via PAP and then pass the username and password to linotp
perl script via the inner-tunnel

tried to follow this
http://lists.freeradius.org/pipermail/freeradius-users/2016-November/085830.html
however
not getting it to work

Fri Aug 23 12:28:17 2019 : Debug: (3)   Auth-Type Perl {
Fri Aug 23 12:28:17 2019 : Debug: (3)     modsingle[authenticate]: calling
perl (rlm_perl)
Fri Aug 23 12:28:17 2019 : Debug: (3) perl:   $RAD_REQUEST{'User-Name'} =
&request:User-Name -> 'user at domain.com'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl:
$RAD_REQUEST{'NAS-IP-Address'} = &request:NAS-IP-Address -> '10.0.1.200'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl:   $RAD_REQUEST{'NAS-Port'} =
&request:NAS-Port -> '0'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl:   $RAD_REQUEST{'Framed-MTU'} =
&request:Framed-MTU -> '1400'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl:   $RAD_REQUEST{'State'} =
&request:State -> '0xddf0c4bcddf2c0541f3e258e95c5a160'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl:
$RAD_REQUEST{'Called-Station-Id'} = &request:Called-Station-Id ->
'60-03-47-12-C5-7F'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl:
$RAD_REQUEST{'Calling-Station-Id'} = &request:Calling-Station-Id ->
'A0-D3-7A-2A-9F-B3'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl:   $RAD_REQUEST{'NAS-Port-Type'}
= &request:NAS-Port-Type -> 'Wireless-802.11'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl:
$RAD_REQUEST{'Event-Timestamp'} = &request:Event-Timestamp -> 'Aug 23 2019
12:28:17 SAST'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl:   $RAD_REQUEST{'EAP-Message'} =
&request:EAP-Message -> '0x020200060315'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl:
$RAD_REQUEST{'Message-Authenticator'} = &request:Message-Authenticator ->
'0x6bc127eb10d5809e9d53dd36e30ffa26'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl:   $RAD_REQUEST{'EAP-Type'} =
&request:EAP-Type -> 'NAK'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl:   $RAD_CHECK{'Auth-Type'} =
&control:Auth-Type -> 'Perl'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl:   $RAD_CONFIG{'Auth-Type'} =
&control:Auth-Type -> 'Perl'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl: &request:Framed-MTU =
$RAD_REQUEST{'Framed-MTU'} -> '1400'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl: &request:User-Name =
$RAD_REQUEST{'User-Name'} -> 'user at domain.com'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl: &request:State =
$RAD_REQUEST{'State'} -> '0xddf0c4bcddf2c0541f3e258e95c5a160'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl: &request:EAP-Message =
$RAD_REQUEST{'EAP-Message'} -> '0x020200060315'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl: &request:Called-Station-Id =
$RAD_REQUEST{'Called-Station-Id'} -> '60-03-47-12-C5-7F'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl: &request:NAS-IP-Address =
$RAD_REQUEST{'NAS-IP-Address'} -> '10.0.1.200'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl: &request:Calling-Station-Id =
$RAD_REQUEST{'Calling-Station-Id'} -> 'A0-D3-7A-2A-9F-B3'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl: &request:Event-Timestamp =
$RAD_REQUEST{'Event-Timestamp'} -> 'Aug 23 2019 12:28:17 SAST'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl: &request:NAS-Port-Type =
$RAD_REQUEST{'NAS-Port-Type'} -> 'Wireless-802.11'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl: &request:Message-Authenticator
= $RAD_REQUEST{'Message-Authenticator'} ->
'0x6bc127eb10d5809e9d53dd36e30ffa26'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl: &request:EAP-Type =
$RAD_REQUEST{'EAP-Type'} -> 'NAK'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl: &request:NAS-Port =
$RAD_REQUEST{'NAS-Port'} -> '0'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl: &reply:Reply-Message =
$RAD_REPLY{'Reply-Message'} -> 'LinOTP server denied access!'
Fri Aug 23 12:28:17 2019 : Debug: (3) perl: &control:Auth-Type =
$RAD_CHECK{'Auth-Type'} -> 'Perl'
Fri Aug 23 12:28:17 2019 : Debug: (3)     modsingle[authenticate]: returned
from perl (rlm_perl)
Fri Aug 23 12:28:17 2019 : Debug: (3)     [perl] = reject
Fri Aug 23 12:28:17 2019 : Debug: (3)   } # Auth-Type Perl = reject
Fri Aug 23 12:28:17 2019 : Debug: (3) Failed to authenticate the user
Fri Aug 23 12:28:17 2019 : Debug: (3) Using Post-Auth-Type Reject
Fri Aug 23 12:28:17 2019 : Debug: (3) # Executing group from file
/etc/freeradius/3.0/sites-enabled/default
Fri Aug 23 12:28:17 2019 : Debug: (3)   Post-Auth-Type REJECT {
Fri Aug 23 12:28:17 2019 : Debug: (3)     modsingle[post-auth]: calling
attr_filter.access_reject (rlm_attr_filter)


Regards

Juan

More information about the Freeradius-Users mailing list