On 14/08/2009 07:57, Alan DeKok wrote:
Sunardo Panjaitan wrote:
This the output of radiusd -X :
rad_recv: Access-Request packet from host 10.1.0.6 port 1024, id=5, length=139
...
EAP-Message = 0x0201000501
...
Found Auth-Type = Accept
Auth-Type = Accept, accepting the user
You can't do that for EAP. It might work sometimes, but not regularly.
Indeed.
And if you do that, you need to return an EAP-Success in the
Access-Accept.
But the client can't connect.Anybody can help me???
You're short-circuiting an EAP exchange, which really won't work.
The examples were meant for pure RADIUS based mac-auth. If you're using EAP,
you really want mac-authz.
Please advise on what EAP method you're using PEAP/TTLS etc... and we may be
able to help you further.
Manufacturing accepts will work with some eap methods such as EAP-MD5 and
EAP-TTLS-PAP. But not with methods such as EAP-TTLS-MSCHAPv2 or EAP-PEAP.
Regards,
Arran
--
Arran Cudbard-Bell <[email protected]>,
Systems Administrator (AAA),
Infrastructure Services (IT Services),
E1-1-08, Engineering 1, University Of Sussex, Brighton, BN1 9QT
DDI+FAX: +44 1273 873900 | INT: 3900
GPG: 86FF A285 1AA1 EE40 D228 7C2E 71A9 25BB 1E68 54A2
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
