Fred MAISON wrote: > Hello freeradius-users, > I search a way to ignore phase1 identity and avoid ldap access during > phase1 for EAP-PEAP/mschapv2
See raddb/sites-enabled/inner-tunnel > I have a basic setup which seems to work (eapol-test compiled from > hostapd sources), but generate a lot of logs and ldap access during > phase1. Because you configured it to do that. Fix it so that the LDAP lookups happen only in the inner tunnel. > It also fails if outter identity is unknown in ldap (anonymous > or other fancy id encoutered in customer's freeradius v1 production > auth_logs ...) Because you configured it to do LDAP lookups during tunnel setup. Why? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
