I agree that if the users were on the local box authen::local would be the best choice, but all of my users are in our AD. What I need the captive portal to do is authenticate them against our AD and assign them a vlan based on the domain in the username.
I am going to look into creating a custom site in FR to do the captive portal auth, I know it can be done ... looks like I will be trudging through learning it ... wish me luck! Thanks for the info. Jake Sallee Godfather of Bandwidth Network Engineer University of Mary Hardin-Baylor 900 College St. Belton, Texas 76513 Fone: 254-295-4658 Phax: 254-295-4221 -----Original Message----- From: Olivier Bilodeau [mailto:[email protected]] Sent: Tuesday, May 17, 2011 8:01 AM To: [email protected] Subject: Re: [Packetfence-users] Trouble with RADIUS and Captive Portal auth > However when I try to use the radius for the captive portal auth I get > an error on the client that says invalid login or password. However I > see that the user is accepted in the radius debug: > authentication::radius is meant to authenticate a user on another RADIUS server (an existing source for authentication). It makes little sense to use it locally you should use authentication::local instead which would be way lighter. Now, lets say that you do have a use case for a locally hosted authentication source in FreeRADIUS then you should create a separate "site" (FreeRADIUS' virtual-servers) for it without the PacketFence perl module and trying to avoid the PacketFence's /etc/raddb/users entry. Why? Because PacketFence always accepts non-EAP connections by design so it's able to re-direct to the captive portal (you need _some_ network to reach a captive portal). But if you intend to use the FreeRADIUS site for authentication then it should be a proper CHAP (or is it PAP?) FreeRADIUS server. I hope I made things clearer. Cheers! -- Olivier Bilodeau [email protected] :: +1.514.447.4918 *115 :: www.inverse.ca Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org) ------------------------------------------------------------------------------ Achieve unprecedented app performance and reliability What every C/C++ and Fortran developer should know. Learn how Intel has extended the reach of its next-generation tools to help boost performance applications - inlcuding clusters. http://p.sf.net/sfu/intel-dev2devmay _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users ------------------------------------------------------------------------------ Achieve unprecedented app performance and reliability What every C/C++ and Fortran developer should know. Learn how Intel has extended the reach of its next-generation tools to help boost performance applications - inlcuding clusters. http://p.sf.net/sfu/intel-dev2devmay _______________________________________________ Packetfence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
