This is a discussion on eap-ttls proxy and ldap within the FreeRADIUS Users forums, part of the Networking and Network Related category.
Hi,

I am trying to proxy EAP-TTLS requests from one FreeRADIUS server to another. I use the outer identity anonymous@domainname and the username login@domainname. The first server proxies a request to the second with anonymous as the username, so it doesn't work. If I use the outer identity anonymous@anotherdomain (anotherdomain is local to the first server), everything works fine: the proxied request has login as the username. I use FreeRADIUS 1.1.3 on Debian on this server. Here are my logs. I have other proxies that work well.

Thanks

rad_recv: Access-Request packet from host xxx:1814, id=36, length=162
        User-Name = "anonymous"
        Framed-MTU = 1400
        Called-Station-Id = "000d.eddf.7aa6"
        Calling-Station-Id = "0002.2d70.02a2"
        Service-Type = Login-User
        Message-Authenticator = 0xdd3f8213af874ac3b02b2ad676fa70cc
        EAP-Message = 0x0202001e01616e6f6e796d6f757340656e632e736f72626f6e6e652e6672
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 165300
        NAS-IP-Address = xxx
        NAS-Identifier = "xxx"
        Proxy-State = 0x3336
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
modcall[authorize]: module "preprocess" returns ok for request 2
rlm_eap: EAP packet type response id 2 length 30
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 2
users: Matched entry DEFAULT at line 14
modcall[authorize]: module "files" returns ok for request 2
modcall: leaving group authorize (returns updated) for request 2
Found Autz-Type enc
Processing the authorize section of radiusd.conf
modcall: entering group enc for request 2
rlm_ldap: - authorize
rlm_ldap: performing user authorization for anonymous
radius_xlat: '(uid=anonymous)'
radius_xlat: 'dc=enc,dc=sorbonne,dc=fr'
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: performing search in dc=enc,dc=sorbonne,dc=fr, with filter (uid=anonymous)
rlm_ldap: object not found or got ambiguous search result
rlm_ldap: search failed
rlm_ldap: ldap_release_conn: Release Id: 0
modcall[authorize]: module "enc" returns notfound for request 2
modcall: leaving group enc (returns notfound) for request 2
rad_check_password: Found Auth-Type pap
auth: type "PAP"
Processing the authenticate section of radiusd.conf
modcall: entering group PAP for request 2
rlm_pap: Attribute "Password" is required for authentication.
modcall[authenticate]: module "pap" returns invalid for request 2
modcall: leaving group PAP (returns invalid) for request 2
auth: Failed to validate the user.
Delaying request 2 for 1 seconds
Finished request 2
Going to the next request
Waking up in 3 seconds...

- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
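Added example, not part of the original post and not FreeRADIUS code: a small Python decoder for the EAP-Message attribute in the log above, using the RFC 3748 packet layout, to compare the outer identity carried inside EAP with the User-Name attribute the server received. The function names (parse_eap, split_realm, compare_identities) are hypothetical helpers; the two constants are copied from the log.

```python
import struct

EAP_CODES = {1: "request", 2: "response", 3: "success", 4: "failure"}
EAP_TYPE_IDENTITY = 1

# Values copied from the Access-Request in the log above.
LOG_EAP_MESSAGE = "0x0202001e01616e6f6e796d6f757340656e632e736f72626f6e6e652e6672"
LOG_USER_NAME = "anonymous"


def parse_eap(hex_value):
    """Parse one EAP packet from a radiusd-style hex string (RFC 3748 layout)."""
    text = "".join(hex_value.split())  # tolerate hex that was wrapped by a mailer
    if text.lower().startswith("0x"):
        text = text[2:]
    raw = bytes.fromhex(text)
    if len(raw) < 4:
        raise ValueError("EAP packet shorter than its 4-byte header")
    code, ident, length = struct.unpack("!BBH", raw[:4])
    if length < 4 or length > len(raw):
        raise ValueError("EAP length %d does not fit %d bytes" % (length, len(raw)))
    pkt = {"code": EAP_CODES.get(code, "unknown"), "id": ident,
           "length": length, "type": None, "identity": None}
    if code in (1, 2) and length >= 5:  # only Request/Response carry a Type byte
        pkt["type"] = raw[4]
        if raw[4] == EAP_TYPE_IDENTITY:
            pkt["identity"] = raw[5:length].decode("utf-8", errors="replace")
    return pkt


def split_realm(identity):
    """Split user@realm on the last '@'; realm is None when there is no '@'."""
    user, sep, realm = identity.rpartition("@")
    return (user, realm) if sep else (identity, None)


def compare_identities(user_name, eap_hex):
    """Report how the RADIUS User-Name differs from the EAP outer identity."""
    pkt = parse_eap(eap_hex)
    if pkt["identity"] is None:
        raise ValueError("not an EAP Identity packet")
    outer_user, outer_realm = split_realm(pkt["identity"])
    return {"eap_identity": pkt["identity"], "eap_user": outer_user,
            "eap_realm": outer_realm, "user_name": user_name,
            "user_name_has_realm": split_realm(user_name)[1] is not None}


if __name__ == "__main__":
    for key, value in compare_identities(LOG_USER_NAME, LOG_EAP_MESSAGE).items():
        print("%-20s %s" % (key, value))
```

The decoded header agrees with the rlm_eap line in the log (response, id 2, length 30).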