Hi Alan, I did try to remove the Auth-Type in users file i.e. DEFAULT Realm == "ocesb.com.my", Autz-Type := LDAP1 However, it is still not working. Below is the debug message. modcall[authorize]: module "ldap_1x" returns ok for request 4 modcall: group Autz-Type returns ok for request 4 rad_check_password: Found Auth-Type LDAP auth: type "LDAP" ERROR: Unknown value specified for Auth-Type. Cannot perform requested action. auth: Failed to validate the user. Login incorrect: [[EMAIL PROTECTED]] (from client localhost port 0 cli 00-14-a5-d9-09-07) TTLS: Got tunneled reply RADIUS code 3 Framed-IP-Address = 255.255.255.254 Framed-MTU = 576 Service-Type = Framed-User TTLS: Got tunneled Access-Reject rlm_eap: Handler failed in EAP/ttls rlm_eap: Failed in EAP select modcall[authenticate]: module "eap" returns invalid for request 4 modcall: group authenticate returns invalid for request 4 auth: Failed to validate the user. Login incorrect: [[EMAIL PROTECTED]] (from client Nexthop-WCS port 0 cli 00-14-a5-d9-09-07) Thank. Alan DeKok wrote: [EMAIL PROTECTED] wrote: ..rad_check_password: Found Auth-Type LDAP1Why did you set that? It's breaking EAP.Read eap.conf. DO NOT SET AUTH-TYPE. This comes up so often on the list, and it's documented in so many places, that I'm don't understand why people still run into it. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- CK Tan IT Manager Optical Communication Engineering S/B 19, Jalan Semangat, 46200 Petaling Jaya, Selangor Darul Ehsan Tel: +60 3 76808000 EXT:1205 Fax: +60 3 76808010 H/P: +60 12 9033077 email: [EMAIL PROTECTED] |
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html