StrongSwan IKEv2 - eap-radius - Auth Failing
Matthew Newton
mcn at freeradius.org
Wed Sep 15 23:16:37 CEST 2021
On 15/09/2021 22:00, Chris Myburgh wrote:
> Success! Thanks a lot Matthew - really appreciate your help and the
> quick response.
OK great
> Now I need to proceed with assigning the IP's from radius!
>
> Here is the log just in case you wanted to see it.
You should be able to make it more efficient - at the moment it's now
calling SQL for every round trip.
Cache the password in the session-state list and you won't need to get
it after the first request, which will be 6 less hits on the database.
Probably something like this, instead of just "sql" directly:
if (&session-state:Cleartext-Password) {
# use p/w we cached before
update control {
&Cleartext-Password = &session-state:Cleartext-Password
}
}
else {
# hit database
sql
# if result, cache it
if (&control:Cleartext-Password) {
update session-state {
&Cleartext-Password := &control:Cleartext-Password
}
}
}
--
Matthew
More information about the Freeradius-Users
mailing list