This is a discussion on trivial problem? within the FreeRADIUS Users forums, part of the Networking and Network Related category.

Hello,
I'm fairly new to freeradius so to some my problem may seem trivial, but ... I'm trying to get EAP-TLS to work, and when using "file" setup everything works as it's supposed to - only selected users can authorize after meeting check criteria. When I switch to SQL (postgresql) it seems that no matter what I insert into the radcheck and radreply tables *any user (if he has valid cert) can authorize without any problems* :-(

Can anybody shed some light on this issue?

My configuration:

### USERS ###

    "ajax" Auth-Type := EAP, Calling-Station-Id == "some-valid-mac"
    # "ajax" Auth-Type := EAP, Calling-Station-Id == "some-invalid-mac"
    DEFAULT Auth-Type := Reject
            Reply-Message = "ACCESS DENIED"

### SQL ###

    radius=> select * from radcheck;
     id  | username | attribute          | op | value
    -----+----------+--------------------+----+---------------
     410 | ajax     | Auth-Type          | := | EAP
     411 | ajax     | Calling-Station-ID | == | some-INVALID-mac
     412 | DEFAULT  | Auth-Type          | := | Reject
    (3 rows)

    radius=> select * from radreply;
     id | username | attribute     | op | value
    ----+----------+---------------+----+---------------
      3 | DEFAULT  | Reply-Message | =  | ACCESS DENIED
    (1 row)

All other tables are _empty_

### postgresql.conf ###

Is a default postgresql.conf from freeradius (with database connection settings set)

### radiusd.conf ###

    authorize {
        preprocess
        suffix
        eap
        sql
    #   files
    }

    authenticate {
        eap
    }

--
best regards,
Marcin 'Yans' Bazarnik