Hi thanks for the suggestion. I achived my target in this way: Users file: DEFAULT NAS-IP-Address == "194.116.9.153", Autz-Type:=EAP DEFAULT Auth-Type == EAP, Autz-Type:=LDAP
Radiusd file:
authorize {
preprocess
files
Autz-Type EAP {
eap
}
Autz-Type LDAP {
ldap
}
}
authenticate {
Auth-Type MS-CHAP {
mschap
}
eap
}I've still problem with 1.0.0 and 1.0.1 versions. I have compared the logs and the differences are: in 1.0.0 / 1.0.1 rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: No SSL info available. Waiting for more SSL data. eaptls_verify returned 1 eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED
in 1.0.0pre1 rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake is finished eaptls_verify returned 3 eaptls_process returned 3 rlm_eap_peap: EAPTLS_SUCCESS
Any idea?
Thanks Best regards
Sergio Sagliocco
Alan DeKok wrote:
Sergio Sagliocco <[EMAIL PROTECTED]> wrote:
I've tried a simpler configuration but I've still problems
My users file is
DEFAULT NAS-IP-Address == 192.168.9.153, Authz-Type:=LDAP
No, it's not. There's no "Authz-Type" attribute.
When posting to the list, DO NOT re-type the data from your configuration files. CUT AND PASTE it instead. Re-typing the data is a guaranteed way to confuse everybody, and to make it impossible to solve your problem.
When I try to authenticate the log shows this errors:
.....
modcall: entering group authorize for request 8
modcall[authorize]: module "preprocess" returns ok for request 8
modcall[authorize]: module "files" returns notfound for request 8
You might want to check that. You want it to match an entry in the "users" file, and it's telling you that it hasn't matched anything.
Try fixing that.
If the authorize section is
authorize {
preprocess
eap
ldap
}
and the users file is empty it works fine
Yes, because you're now telling it to call LDAP. Previously, you weren't telling it to call LDAP, and the server told you it wasn't being told to call LDAP.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Sergio SAGLIOCCO
SecureLAB - System & Network Security CSP s.c. a r.l. ______________________________________________
Villa Gualino
Viale Settimo Severo, 63 - 10133 Torino [IT]
tel. +39 011 481 5140 - Mobile +39 348 6024078 fax +39 011 481 5001 ______________________________________________
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

