Sewell, Adam W wrote:
Thanks for the help guys, but I don't think that's going to work
for me. I was doing some testing today and it doesn't seem like
I can add a filter-id to the access-accept packet from the
post-auth function.
Uh... no. You can add almost anything to the Access-Accept
?
- Original Message -
From: [EMAIL PROTECTED]
Sent: Fri, 8/22/2008 3:10am
To: FreeRadius users mailing list freeradius-users@lists.freeradius.org
Subject: Re: NAS-IP-Address, rlm_perl, and loopback
Hi,
Which explains what's going on. PEAP is really two things: an outer
TLS session, and inner EAP
Adam W. Sewell wrote:
I am using PEAP/MsChapv2.
Exactly. There are multiple packet exchanges as part of one PEAP
authentication.
I am using a perl script to authorize the user access to the network based on
some information that is pulled out of a database via our perl script. This
part
Hi,
Which explains what's going on. PEAP is really two things: an outer
TLS session, and inner EAP-MSCHAPv2 authentication. So there are *two*
streams of RADIUS packets. One that sets up the tunnel, and one that
does the authentication inside of the tunnel.
yep - so if you only want to
Adam W. Sewell wrote:
I'm having a couple of issues particularly pertaining
to the NAS-IP-Address variable that is passed from the
switch. When a client sends the auth-request, we find
that the authorize function of our perl script is being
executed multiple times for the same request.
This also leads into the second issue I'm having that when
the perl script does run, it doesn't always pass the same
data in the NAS-IP-Address variable. Half the time it is the
correct information and half the time it is 127.0.0.1.
Go read the debug output. The NAS-IP-Address is
6 matches
Mail list logo