Hi,
1. Post-Auth packet becomes empty with that approach 2. eap module works different with that approach radiusd.conf: authenticate { .... eap .... } Got the output (radiusd -X): Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 radius_xlat: '/usr/local/var/log/radius/radacct/10.10.10.1/auth-detail-20070329' rlm_detail: /usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/10.10.10.1/auth-detail-20070329 modcall[authorize]: module "auth_log" returns ok for request 0 rlm_realm: No '@' in User-Name = "agentnode", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: EAP packet type response id 0 length 14 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 0 users: Matched entry DEFAULT at line 164 modcall[authorize]: module "files" returns ok for request 0 modcall: leaving group authorize (returns updated) for request 0 rad_check_password: Found Auth-Type Accept rad_check_password: Auth-Type = Accept, accepting the user radius_xlat: 'success' Login OK: [agentnode] (from client erico-gprt port 2 cli 00-40-F4-C5-88-C7) Sending Access-Accept of id 0 to 10.10.10.1 port 2015 Reply-Message = "success" Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Accept packet from host 10.10.10.1:2015, id=0, length=29 Authentication reply packet code 2 sent to a non-proxy reply port from client erico-gprt:2015 - ID 0 : IGNORED --- Walking the entire request list --- Waking up in 3 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 0 with timestamp 460c15b6 Nothing to do. Sleeping until we see a request. Thanks, Erico. ----- Mensagem original ---- De: joe vieira <[EMAIL PROTECTED]> Para: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Enviadas: Quinta-feira, 29 de Março de 2007 16:23:24 Assunto: Re: DEFAULT and users file Erico Augusto wrote: > Hi, > > I'm using EAP-TTLS to supplicant authentication. > > to authenticate the users at freeradius, I'm using users file to match > user's password: > .... > user User-Password == "test" > Reply-Message = "success" > .... > Is there a way, using DEFAULT, for example, to return success to all > users without the necessity to match the User-Password(bypass > freeradius authentication). What I'm trying to do is authenticate > users just at post-auth. I'm using some examples from doc directory, > but without success... > Thanks, Erico. > do you mean like,? DEFAULT Auth-Type := Accept Reply-Message = "success" to accept all users and reply success to them or just DEFAULT Reply-Message = "success" just to reply success to everyone (im pretty sure) - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html __________________________________________________ Fale com seus amigos de graça com o novo Yahoo! Messenger http://br.messenger.yahoo.com/
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html