Alan DeKok wrote:
Phil Mayers wrote:
I'm only slightly wiser from reading that... Shouldn't 'eap' and 'mschap'
be in this Authz-Type to then?
No
I will note that in CVS head (2.0-pre2), this is *much* easier to
understand. There's a configuration file for the outer tunnel
Norbert Wegener wrote:
Can you already foresee, when pre2 will be released?
I had intended to do it last week, but I'll do it this week.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
On Sat, 2007-08-25 at 21:12 +0200, Turbo Fredriksson wrote:
Quoting Phil Mayers [EMAIL PROTECTED]:
2) INNER Auth part ensures that the ldap module is only called for the
INNER part of the check...not for everything else. also very very useful
as it stops outer ID junk and debris from
Phil Mayers wrote:
I'm only slightly wiser from reading that... Shouldn't 'eap' and 'mschap'
be in this Authz-Type to then?
No
I will note that in CVS head (2.0-pre2), this is *much* easier to
understand. There's a configuration file for the outer tunnel piece,
and a separate one for the
Quoting Phil Mayers [EMAIL PROTECTED]:
2) INNER Auth part ensures that the ldap module is only called for the
INNER part of the check...not for everything else. also very very useful
as it stops outer ID junk and debris from being checked.
What IS 'the INNER part' (may depend on the
Quoting Phil Mayers [EMAIL PROTECTED]:
DEFAULT FreeRadius-Proxied-To == 127.0.0.1, Autz-Type := INNER
1) proxy part makes sure that only INNER is called when its proxied to
127.0.0.1
Ok, think I got this. Does it matter WHERE in the file this DEFAULT is?
And is the keyword 'INNER'
On Fri, 2007-08-24 at 13:49 +0200, Turbo Fredriksson wrote:
Quoting Phil Mayers [EMAIL PROTECTED]:
DEFAULT FreeRadius-Proxied-To == 127.0.0.1, Autz-Type := INNER
1) proxy part makes sure that only INNER is called when its proxied to
127.0.0.1
Ok, think I got this. Does it matter
I'm working on fine tuning my radiusd.conf file, and found that
I get 13 authorize request to the LDAP server for one XXX (client,
request, logon?!).
I have 802.1x (RADIUS) enabled on my WiFi router, and when requesting
a network on my client, there's 13 authorize requests... Using multilog
which
On Wed, 2007-08-22 at 19:29 +0200, Turbo Fredriksson wrote:
I'm working on fine tuning my radiusd.conf file, and found that
I get 13 authorize request to the LDAP server for one XXX (client,
request, logon?!).
You can reduce this somewhat by doing this:
authorize {
preprocess
eap
files
Quoting Phil Mayers [EMAIL PROTECTED]:
On Wed, 2007-08-22 at 19:29 +0200, Turbo Fredriksson wrote:
I'm working on fine tuning my radiusd.conf file, and found that
I get 13 authorize request to the LDAP server for one XXX (client,
request, logon?!).
You can reduce this somewhat by doing
Hi,
...which will only run the LDAP auth for the EAP inner request. You'll
still see two queries though for PEAP/MSCHAP
I see. I'll try that as soon as my girlfriend leaves again, I can only
fiddle with the WiFi router when she's not home :)
In the mean time, what does all this do,
11 matches
Mail list logo