On Jan 3, 2008 3:31 PM, Alan DeKok <[EMAIL PROTECTED]> wrote: > Nicholas Hall wrote: > > *My Goal*: PAP on legacy port 1645, CHAP on 1812 working simultaneously. > > All you need to do is to configure two "listen" sections. This can be > done in 1.1.7. You don't need two virtual servers. >
The problem is that my PAP users are in a different location in LDAP. This is why I created two more instances of the LDAP module pointing to a different basedn. > > *My Environment*: FreeRADIUS 2.0.0-pre2, LDAP user database, MySQL > > Accounting. > > Please don't use -pre2. I'll be removing it from the web site soon, > as we plan on releasing 2.0.0 within a *very* short while. i.e. grab a > copy of the source from CVS, and use that. I'm actually running a CVS snapshot from a while back. It seems to be working fine -- my plan was to continue running it until 2.0.0 is released. > > *Problem*: I'm running a virtual host for each AUTH port. Each works > > fine when placed in sites-enabled individually but my CHAP virtualhost > > fails when both are enabled. The vhost listening on 1812 appears to be > > referencing an LDAP module that is not listed in it's server{ ... } > > block. You will see "ou=Dialup" in the debugging output below of a CHAP > > request to 1812 that is only contained in the legacy PAP vhost. Any > > ideas are appreciated!! > > Please read the *entire* debug log. It's not just doing an LDAP query > at random. It's doing an LDAP query because you're using the LDAP-Group > attribute in line 16 of the "users" file. > > If you don't want a virtual server to do LDAP lookups, don't configure > it to use the LDAP-Group attribute. > Thanks. Things are working after removing the LDAP-Group attribute. I'm not 100% sure why but for now I'm not going to worry about it! -- Nicholas Hall [EMAIL PROTECTED] 262.208.6271
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html