> On Jan 6, 2016, at 2:18 , ghulam faqih <[email protected]> wrote:
>
> hello.
>
> im new user in packetfence. i had stuck 2 day for configuration radius +
> openldap on packetfence.
>
> im using packetfence latest version 5.5.2 operating system centos 6.5
>
> first problem.
> i follow administrator guide packetfence at page 38. "Next in
> /usr/local/pf/raddb/sites-available/packetfence-tunnel add in the authorize
> section: "
>
> theres no file packetfence-tunnel, so i copied from to directory
> /usr/local/pf/raddb/sites-available/.
The configuration guide is incorrect on that point.
The /usr/local/pf/raddb/sites-available/packetfence-tunnel file is now
generated automatically based on the configuration and content of the
/usr/local/pf/conf/radiusd/packetfence-tunnel file.
If you just copy that file it will be overwritten and your changes discarded.
Instead you should edit the /usr/local/pf/conf/radiusd/packetfence-tunnel
directly.
>
> second problem.
> after i finish the configuration and run debug radiusd theres no error, but
> if i try radtest command even with wrong password the respons reply from
> radius always access-accept.
>
radtest does not generate a PEAP request (which I assume you are trying to do).
As such, it will not be tunnelled and nothing will go through the
packetfence-tunnel virtual server.
Use eapol_test instead: http://deployingradius.com/scripts/eapol_test/
<http://deployingradius.com/scripts/eapol_test/>
Regards,
--
Louis Munro
[email protected] :: www.inverse.ca
+1.514.447.4918 x125 :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
------------------------------------------------------------------------------
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
