On Thu, Apr 18, 2013 at 09:37:06PM +0530, Chitrang Srivastava wrote: > radtest is working > wifi authentication is also working ( configured the access point to use > TTLS-MSCHAPv2)
ok. > open wifi with captive portal (lightttpd) is *not * working right. > What I found is captive portal server is sending a non-EAP message and as > suggested in wiki I am not using setting auth type anywhere (EAP message > will determine automatically) Captive portal is doing PAP. I guess you want to try and auth this by binding to the ldap server. I've not done this recently, but I think the following might work. For some reason, even though > Module: Instantiating module "ldap_secondary" from file > /etc/raddb/radiusd.conf > ldap ldap_secondary { ... > set_auth_type = yes ... > } is set, it's not setting auth_type. That's clear from > ERROR: No authenticate method (Auth-Type) found for the request: Rejecting > the user Try this at the bottom of the authorize {} section: authorize { ... # not EAP, is PAP, and no other Auth-Type set, so assume ldap if (!EAP-Message && User-Password) { update control { Auth-Type = ldap_secondary } } } and then in the authenticate section: authenticate { Auth-Type ldap_secondary { ldap_secondary } } and see what you get. Again, post output of radiusd -X if there are still problems (new output, not the same as last time :) ). I don't know enough about the ldap module to know why it's not setting Auth-Type (and too ill at present to go digging to find out). Cheers, Matthew -- Matthew Newton, Ph.D. <m...@le.ac.uk> Systems Specialist, Infrastructure Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom For IT help contact helpdesk extn. 2253, <ith...@le.ac.uk> - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html