User and EAP authentication
Thomas Manninger
DBGTMaster at gmx.at
Wed Mar 18 16:17:07 CET 2020
Hi,
i am using freeradius 3.0.12+dfsg-5+deb9u1 on a debian 9 server.
I confiured two virutal servers, one for X802.1 network authentication
(name: inner-tunnel), another virtual server with PAP username/password
authentication (name: keycloak).
Every incoming request should processed by the virtual_server
"keycloak-auth", except all X802.1 request should be processed to the
virtual_server "inner-tunnel".
But all requests, also the X802.1 requests, are processed by the
virtual_server keycloak.
If i unterstand it correctly, the eap module should send all EAP
requests to the inner-tunnel, but this in not working :-( ...
Only if i send all requests to the inner-tunnel virtual-server, then
X802.1 auth is working
How can i fix the issue?
My listen configuration:
> listen {
> type = auth
> ipaddr = *
> port = 0
> virtual_server = keycloak
> }
> listen {
> type = acct
> ipaddr = *
> ipv6addr = ::
> port = 0
> virtual_server = keycloak
> }
My keycloak size:
> server keycloak {
> authorize {
> files
> filter_username
> filter_password
> preprocess
> expiration
> logintime
> keycloak
> }
> authenticate {
> Auth-Type keycloak {
> keycloak
> }
> Auth-Type pap {
> pap
> }
> }
> ...
> ...
Thanks!
More information about the Freeradius-Users
mailing list