bslee (HKBU) wrote: > Question1: I don't have the client and nas environment right now. I > want to input "EAP-TTLS" and "EAP-PEAP (MSCHAPv2)" respectively into > radclient (or radtest) to test my freeradius configuration. What should > be the input to radclient (or radtest) (i.e. the red string in the > example below)?
radclient does not do EAP. You will need to use "eapol_test". See http://deployingradius.com for complete instructions. > Question 2: When freeradius receives a authentication request of either > one of those 2 types in question 1, a script will be invoked to > authenticate mysql (i.e. to replace corresponding rlm_eap_xxx module). Uh... no. That is not at all how it works. > a. May I know related configurations for invoking the script? See scripts/exec-program-wait, and "man unlang" > b. some attributes should be sent to the script from freeradius. What > are these attributes? How to get these attributes from PHP script? See above. > c. After accessing MYSQL, PHP script should return some attributes back > to freeradius, What are these attributes? How to allow freeradius to > accept authentication result and those attributes? See above. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
