Hi Alan, i told myself that i should try and enable the ldap module in the authorize section, nothing wrong in that ;)
and now it works... so now in my inner-tunnel file i got: server inner-tunnel { authorize { suffix update control { Proxy-To-Realm := LOCAL } eap { ok = return } ldap expiration logintime pap } authenticate { Auth-Type PAP { pap } Auth-Type LDAP { ldap } } .... } it works like this, but im still not sure if this is the recommended way :D thanks and best regards Caius Pargar --- On Mon, 11/16/09, Alan Buxey <a.l.m.bu...@lboro.ac.uk> wrote: > From: Alan Buxey <a.l.m.bu...@lboro.ac.uk> > Subject: Re: FR2.1.7 with EAP-TTLS/PAP and LDAP > To: "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org> > Date: Monday, November 16, 2009, 2:44 PM > Hi, > > Hi Alan, > > > > i checked my sites-available/inner-tunnel file: > > > > in authorize section everything is commented, except: > eap and pap (ldap is commented). > > > > in authneticate section i have > > Auth-Type PAP { > > > pap > > } > > > > Auth-Type LDAP { > > > ldap > > } > > > > the rest is commented > > IIRC this is one of those wierd times when you need to have > a > > DEFAULT Auth-Type := LDAP > > att he bottom of your users file. I may be > wrong...but i think EAP+LDAP is > a funny beast > > alan > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html