Hello, Am Montag, den 25.07.2005, 12:57 -0400 schrieb Alan DeKok: > "Mario Lipinski" <[EMAIL PROTECTED]> wrote: > > Can i do LEAP with Samba-Passwords (which are also stored in the db)? > > Yes. > > > I think this should work in general but not with the MSChapv2 > > implementation in FreeRadius. Is there any way? > > It works.
It does, now. :) Needed to use the ":=" operator and prepend "0x" to the NT-Password value. Also got it configured to work with my database structure. > > OK. Thats all that my writing is about. I don't know how to really get > > away from the sample layout. For example how to distinguish between > > MAC-Address and EAP authentication requests. > > Read the debug log. You have the information in front of you. I > don't have access to your system, so it wouild be inappropriate of me > to guess. I am attaching two requests taken from the debug log. The first one is the request for the MAC-Address Authentication, the second one is the one for LEAP authentication (works, eap messages were cut since they might contain real user information, dunno). For the MAC-Address stuff i need to lookup the things in another database. I know i can define different sql spaces with "sql name" in the configs. But how to decide, which table use for the lookup. Both requests are of the type "Login-User". The only difference is, that the MAC-Address authentication request contains the "User-Password" attribute. I read much about comparing the values of the attributes, but how to check for their existence? If there is no better way, i might use a regex matching [0-9a-f]{12} - should work? How do i write it in the config to use "sql a" when the regex matches and to use "sql b" if not? I hope i provided all information needed to get a quick and clear answer this time. Thanks, -- Mario Lipinski VOIP: +49 511 696045510 Systemadministration Fax: +49 721 151-207196 Gymnasium Salzgitter-Bad E-Mail: [EMAIL PROTECTED] Internet: http://www.gymszbad.de
rad_recv: Access-Request packet from host 172.21.1.3:1645, id=111, length=114 User-Name = "000e352af0fd" User-Password = "000e352af0fd" Called-Station-Id = "0011.92f8.9c10" Calling-Station-Id = "000e.352a.f0fd" Service-Type = Login-User NAS-Port-Type = Wireless-802.11 NAS-Port = 294 NAS-IP-Address = 172.21.1.3 NAS-Identifier = "ap03" [...] Login incorrect: [000e352af0fd] (from client ap port 294 cli 000e.352a.f0fd) rad_recv: Access-Request packet from host 172.21.1.3:1645, id=112, length=121 User-Name = "law" Framed-MTU = 1400 Called-Station-Id = "0011.92f8.9c10" Calling-Station-Id = "000e.352a.f0fd" Service-Type = Login-User Message-Authenticator = 0xdeadbeef08151337... EAP-Message = 0x0815deadbeef1337... NAS-Port-Type = Wireless-802.11 NAS-Port = 294 NAS-IP-Address = 172.21.1.3 NAS-Identifier = "ap03"
signature.asc
Description: This is a digitally signed message part
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html