Cache user access on eap-ttls with ldap as authenticate system
Alan DeKok
aland at deployingradius.com
Thu Jan 14 16:33:03 CET 2021
> On Jan 14, 2021, at 10:17 AM, André <netriver at gmail.com> wrote:
> In sites-enabled/default in authorize I did the following:
If you read the debug output, you'll see that it's checking the password in the "inner-tunnel" virtual server.
Put the caching there.
> However this makes the server still use the ldap connection in
> authentication.
> rlm_ldap (ldap): Connecting to ldap://jumia.ldap.idp.com:389
> rlm_ldap (ldap): Could not start TLS: Can't contact LDAP server
> rlm_ldap (ldap): Opening connection failed (11)
> (23) [ldap] = fail
Yes. Read ALL of the debug output. Especially the bits where it checks the passwords. Which is in the "inner-tunnel" virtual server.
Alan DeKok.
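
An added example, not part of the original message and not FreeRADIUS code: a short Python script that reads debug output and reports which virtual server file each module result belongs to, which is one way to confirm that the ldap call happens in "inner-tunnel". The `# Executing section ... from file ...` header format, the file paths, and every sample line other than the two ldap lines quoted in the message are assumptions constructed for illustration.

```python
import re
from os.path import basename

# Constructed sample in the style of debug output. Only the "Opening connection
# failed" and "[ldap] = fail" lines come from the message; the rest is assumed.
SAMPLE = """\
(23) # Executing section authorize from file /etc/raddb/sites-enabled/default
(23)     [preprocess] = ok
(23)     [eap] = ok
(23) # Executing group from file /etc/raddb/sites-enabled/default
(23) Virtual server inner-tunnel received request
(23)   # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel
rlm_ldap (ldap): Opening connection failed (11)
(23)     [ldap] = fail
"""

# "(N) # Executing section <name> from file <path>" or "... group from file <path>"
HEADER = re.compile(r"^\((\d+)\)\s+# Executing (?:section (\S+)|group) from file (\S+)")
# "(N)   [module] = rcode"
RESULT = re.compile(r"^\((\d+)\)\s+\[([^\]]+)\] = (\w+)")


def module_calls(debug_text):
    """Attribute each module result to the most recent section header seen
    for the same request number. Results with no preceding header are skipped."""
    current = {}  # request number -> (virtual server file name, section)
    calls = []
    for line in debug_text.splitlines():
        m = HEADER.match(line)
        if m:
            current[m.group(1)] = (basename(m.group(3)), m.group(2) or "group")
            continue
        m = RESULT.match(line)
        if m and m.group(1) in current:
            server, section = current[m.group(1)]
            calls.append({"request": int(m.group(1)), "server": server,
                          "section": section, "module": m.group(2),
                          "rcode": m.group(3)})
    return calls


def where_module_ran(debug_text, module):
    """Return the sorted (virtual server, section) pairs in which a module ran."""
    return sorted({(c["server"], c["section"])
                   for c in module_calls(debug_text) if c["module"] == module})


if __name__ == "__main__":
    print(where_module_ran(SAMPLE, "ldap"))
```
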