Thank you for your response, What should I wite instead of EAP. When I write Local or System it didnt work.
I have one more question. When I add user named test in users file as following, test Auth-Type := EAP, User-Password == "11" Filter-Id = "Enterasys:version=1:mgmt=su:policy=cit" 802.1x authentication is successful. But I need to authenticate users on edirectory via LDAP. Ldap servwer vi have field postoffice box which "Enterasys:version=1:mgmt=su:policy=cit" field is stored. We want that freeradius will get postofficebox vlaue of user and send to NAS it as Filter-Id = "Enterasys:version=1:mgmt=su:policy=cit". But this authentication should be in EAP-TTLS inner PAP method. We can do ot in Steel-Belted radius server. But securew2 didnt work with steel-belted. How can I do it? Thanks, Taylan KIRAN Network&System Specialist Koc University >>> [EMAIL PROTECTED] 03/11 8:18 PM >>> "TAYLAN KIRAN" <[EMAIL PROTECTED]> wrote: > You say You we only need to enable EAP-TTLS but it does not work. You > can find debug log as following. ... > users: Matched entry deneme at line 152 > modcall[authorize]: module "files" returns ok for request 4 > modcall: group authorize returns ok for request 4 > rad_check_password: Found Auth-Type EAP > auth: type "EAP" > Processing the authenticate section of radiusd.conf > modcall: entering group authenticate for request 4 > rlm_eap: EAP-Message not found > rlm_eap: Malformed EAP Message > modcall[authenticate]: module "eap" returns fail for request 4 > modcall: group authenticate returns fail for request 4 You are setting "Auth-Type := EAP" in line 152 of the "users" file. DO NOT DO THAT. IT IS NOT NECESSARY. Please read "eap.conf". It EXPLAINS THIS. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html