Ok, it works, but a new problem emerged.... I have 6 AP´s. One of them send the MAC in the following format: 00-18-E7-41-AD-C2. The others send 0018e741adc2... Here the letters are in lowercase and if changed to uppercase the authentication fails from 5 AP´s. What must I do in radcheck table to work with the 6 AP´s? More details of actual radcheck in MySQL:
1 DEFAULT Fall-Through = Yes 2 guaraldi Calling-Station-Id == 00-18-E7-41-AD-C2 3 guaraldi Cleartext-Password := 123mudar 4 guaraldi Simultaneous-Use := 1 21 DEFAULT Fall-Through = Yes 22 wvcampos Calling-Station-Id == 00-11-95-95-DC-C0 23 wvcampos Cleartext-Password := sprj2009 24 wvcampos Simultaneous-Use := 1 With this config in radcheck table, guaraldi with letters in uppercase and separated by hyphen is fine. Changing MAC to 0018e741adc2 give me authentication reject. XP Clients do 802.1x EAP-PEAP. It works fine. Let me ask, must I enter DEFAULT Fall-Through = Yes to every user in my database or only one entry? The entries above are correct? Best regards, Guaraldi 2009/9/11 Ivan Kalik <[email protected]>: >> Oops!!! >> Putting my head in the right place... :-) >> >> May I insert in the radcheck table for user guaraldi, password >> mudar123, MAC 00-18-E7-41-AD-C2 the following lines??? >> >> 1 DEFAULT Fall-Through = >> yes >> 2 guaraldi Cleartext-Password := >> mudar123 >> 3 guaraldi Calling-Station-Id == >> 00-18-E7-41-AD-C2 >> 4 guaraldi Simultaneous-Use := 1 >> >> And set in the peap section of eap.conf file: copy_request_to_tunnel = >> yes >> Is this correct???????????? > > Yes. You need to copy outer request into the tunnel (sql should alredy be > enabled for password to work). You should probably enable > "use_tunneled_reply" as well, to get reply attributes into the final > reply. > > Ivan Kalik > Kalik Informatika ISP > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
