It seems that rlm_mschap do not include Cisco-AVPair =
"ssid=is_client" in its auth request
How can I solve this situation?
You haven't put enough of the debug log to be certain, but that sounds
like a reasonable supposition:
try:
eap {
peap {
copy_request_to_tunnel = yes
# other things here
}
}
PEAP (and in fact TTLS) make a "fake" Radius request from the inner auth
(e.g. MSCHAP) proxied to 127.0.0.1. That request by default only has a
small number of AVPs. The copy_request_to_tunnel tells FreeRadius to
copy the AVPs from the original to the new request.
thanx, it helps.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html