>In my proxy.conf file, I have > >Realm LOCAL { >} > >I noticed right above that, that it suggest to add "DEFAULT EAP-TYPE == >PEAP, Proxy-To-Realm := LOCAL to the users file. So I added that to the >users file. Is realm Local {} not correct? If not, what should it be?
Nothing. Zou can delete that DEFAULT entry. > >In the sites-enabled/default I had eap { ok = return} before I had the >statement calling perl, so I moved the eap {} to after the perl >statement. This is in the authorize function. > Put it back as it was. You don't need perl in TLS exchange. Don't list it in default virtual server. > >I did hardcode the Auth-Type perl because the wiki said to in the users >file. I've taken that out now. > I assume you hardcoded that in perl sub authorize. That's a good place for it. Put it back. >I know that perl is being initiated because this is in the log file, > >Module: Instantiating perl > perl { > module = "/etc/raddb/perl/authorize.pl" > func_authorize = "authorize" > func_authenticate = "authenticate" > >and I do call perl in the authorize section of the sites-enabled/default >file. No, don't call perl in default virtual server. Call it in authorize and authenticate in inner-tunnel virtual server. That's where (if you haven't made changes to eap.conf) mschap authentication takes place. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html