Hi Phil, Thanks for you quick response. Just to clarify what we have succeeded in t= o date:
1. Install Samba done 2. Join Samba to the domain done 3. Start winbind done 4. Configure FreeRADIUS to use ntlm_auth to check MSCHAP against the AD controllers done After finding the updated changes for fr v2 we ran the radius -X are are no= w receiving the following:- rad_recv: Access-Request packet from host 10.1.5.4 port 32768, id=3D193, le= ngth=3D256 User-Name =3D "radldapu...@gcu.ac.uk" Calling-Station-Id =3D "00:24:2c:7a:d8:7d" Called-Station-Id =3D "00:26:cb:80:33:20:eduroam" NAS-Port =3D 29 Cisco-AVPair =3D "audit-session-id=3D0a0105040000026d4f0f0224" NAS-IP-Address =3D 10.1.5.4 NAS-Identifier =3D "CLIC_WiSM_A" Airespace-Wlan-Id =3D 9 Service-Type =3D Framed-User Framed-MTU =3D 1300 NAS-Port-Type =3D Wireless-802.11 Tunnel-Type:0 =3D VLAN Tunnel-Medium-Type:0 =3D IEEE-802 Tunnel-Private-Group-Id:0 =3D "914" EAP-Message =3D 0x0202001a017261646c64617075736572406763752e61632e7= 56b Message-Authenticator =3D 0x569f3fe4b0f6cc0bacb1451b037bb5e3 # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/= default +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop ++[digest] returns noop [suffix] Looking up realm "gcu.ac.uk" for User-Name =3D "radldapu...@gcu.ac= .uk" [suffix] Found realm "GCU.AC.UK" [suffix] Adding Stripped-User-Name =3D "radldapuser" [suffix] Adding Realm =3D "GCU.AC.UK" [suffix] Proxying request from user radldapuser to realm GCU.AC.UK [suffix] Preparing to proxy authentication request to realm "GCU.AC.UK" ++[suffix] returns updated [eap] Request is supposed to be proxied to Realm GCU.AC.UK. Not doing EAP. ++[eap] returns noop ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns noop WARNING: Empty pre-proxy section. Using default return values. Sending Access-Request of id 98 to 10.1.1.78 port 1812 User-Name =3D "radldapuser" Calling-Station-Id =3D "00:24:2c:7a:d8:7d" Called-Station-Id =3D "00:26:cb:80:33:20:eduroam" NAS-Port =3D 29 Cisco-AVPair =3D "audit-session-id=3D0a0105040000026d4f0f0224" NAS-IP-Address =3D 10.1.5.4 NAS-Identifier =3D "CLIC_WiSM_A" Airespace-Wlan-Id =3D 9 Service-Type =3D Framed-User Framed-MTU =3D 1300 NAS-Port-Type =3D Wireless-802.11 Tunnel-Type:0 =3D VLAN Tunnel-Medium-Type:0 =3D IEEE-802 Tunnel-Private-Group-Id:0 =3D "914" EAP-Message =3D 0x0202001a017261646c64617075736572406763752e61632e7= 56b Message-Authenticator =3D 0x00000000000000000000000000000000 Proxy-State =3D 0x313933 Proxying request 0 to home server 10.1.1.78 port 1812 Sending Access-Request of id 98 to 10.1.1.78 port 1812 User-Name =3D "radldapuser" Calling-Station-Id =3D "00:24:2c:7a:d8:7d" Called-Station-Id =3D "00:26:cb:80:33:20:eduroam" NAS-Port =3D 29 Cisco-AVPair =3D "audit-session-id=3D0a0105040000026d4f0f0224" NAS-IP-Address =3D 10.1.5.4 NAS-Identifier =3D "CLIC_WiSM_A" Airespace-Wlan-Id =3D 9 Service-Type =3D Framed-User Framed-MTU =3D 1300 NAS-Port-Type =3D Wireless-802.11 Tunnel-Type:0 =3D VLAN Tunnel-Medium-Type:0 =3D IEEE-802 Tunnel-Private-Group-Id:0 =3D "914" EAP-Message =3D 0x0202001a017261646c64617075736572406763752e61632e7= 56b Message-Authenticator =3D 0x00000000000000000000000000000000 Proxy-State =3D 0x313933 Going to the next request Waking up in 0.9 seconds. Waking up in 12.9 seconds. rad_recv: Access-Request packet from host 10.1.5.4 port 32768, id=3D193, le= ngth=3D256 Sending duplicate proxied request to home server 10.1.1.78 port 1812 - ID: = 98 Sending Access-Request of id 98 to 10.1.1.78 port 1812 User-Name =3D "radldapuser" Calling-Station-Id =3D "00:24:2c:7a:d8:7d" Called-Station-Id =3D "00:26:cb:80:33:20:eduroam" NAS-Port =3D 29 Cisco-AVPair =3D "audit-session-id=3D0a0105040000026d4f0f0224" NAS-IP-Address =3D 10.1.5.4 NAS-Identifier =3D "CLIC_WiSM_A" Airespace-Wlan-Id =3D 9 Service-Type =3D Framed-User Framed-MTU =3D 1300 NAS-Port-Type =3D Wireless-802.11 Tunnel-Type:0 =3D VLAN Tunnel-Medium-Type:0 =3D IEEE-802 Tunnel-Private-Group-Id:0 =3D "914" EAP-Message =3D 0x0202001a017261646c64617075736572406763752e61632e7= 56b Message-Authenticator =3D 0x00000000000000000000000000000000 Proxy-State =3D 0x313933 Waking up in 12.0 seconds. rad_recv: Access-Request packet from host 10.1.5.4 port 32768, id=3D193, le= ngth=3D256 Sending duplicate proxied request to home server 10.1.1.78 port 1812 - ID: = 98 Sending Access-Request of id 98 to 10.1.1.78 port 1812 User-Name =3D "radldapuser" Calling-Station-Id =3D "00:24:2c:7a:d8:7d" Called-Station-Id =3D "00:26:cb:80:33:20:eduroam" NAS-Port =3D 29 Cisco-AVPair =3D "audit-session-id=3D0a0105040000026d4f0f0224" NAS-IP-Address =3D 10.1.5.4 NAS-Identifier =3D "CLIC_WiSM_A" Airespace-Wlan-Id =3D 9 Service-Type =3D Framed-User Framed-MTU =3D 1300 NAS-Port-Type =3D Wireless-802.11 Tunnel-Type:0 =3D VLAN Tunnel-Medium-Type:0 =3D IEEE-802 Tunnel-Private-Group-Id:0 =3D "914" EAP-Message =3D 0x0202001a017261646c64617075736572406763752e61632e7= 56b Message-Authenticator =3D 0x00000000000000000000000000000000 Proxy-State =3D 0x313933 Waking up in 9.9 seconds. rad_recv: Access-Request packet from host 10.1.5.4 port 32768, id=3D193, le= ngth=3D256 Sending duplicate proxied request to home server 10.1.1.78 port 1812 - ID: = 98 Sending Access-Request of id 98 to 10.1.1.78 port 1812 User-Name =3D "radldapuser" Calling-Station-Id =3D "00:24:2c:7a:d8:7d" Called-Station-Id =3D "00:26:cb:80:33:20:eduroam" NAS-Port =3D 29 Cisco-AVPair =3D "audit-session-id=3D0a0105040000026d4f0f0224" NAS-IP-Address =3D 10.1.5.4 NAS-Identifier =3D "CLIC_WiSM_A" Airespace-Wlan-Id =3D 9 Service-Type =3D Framed-User Framed-MTU =3D 1300 NAS-Port-Type =3D Wireless-802.11 Tunnel-Type:0 =3D VLAN Tunnel-Medium-Type:0 =3D IEEE-802 Tunnel-Private-Group-Id:0 =3D "914" EAP-Message =3D 0x0202001a017261646c64617075736572406763752e61632e7= 56b Message-Authenticator =3D 0x00000000000000000000000000000000 Proxy-State =3D 0x313933 Waking up in 7.9 seconds. rad_recv: Access-Request packet from host 10.1.5.4 port 32768, id=3D193, le= ngth=3D256 Sending duplicate proxied request to home server 10.1.1.78 port 1812 - ID: = 98 Sending Access-Request of id 98 to 10.1.1.78 port 1812 User-Name =3D "radldapuser" Calling-Station-Id =3D "00:24:2c:7a:d8:7d" Called-Station-Id =3D "00:26:cb:80:33:20:eduroam" NAS-Port =3D 29 Cisco-AVPair =3D "audit-session-id=3D0a0105040000026d4f0f0224" NAS-IP-Address =3D 10.1.5.4 NAS-Identifier =3D "CLIC_WiSM_A" Airespace-Wlan-Id =3D 9 Service-Type =3D Framed-User Framed-MTU =3D 1300 NAS-Port-Type =3D Wireless-802.11 Tunnel-Type:0 =3D VLAN Tunnel-Medium-Type:0 =3D IEEE-802 Tunnel-Private-Group-Id:0 =3D "914" EAP-Message =3D 0x0202001a017261646c64617075736572406763752e61632e7= 56b Message-Authenticator =3D 0x00000000000000000000000000000000 Proxy-State =3D 0x313933 Waking up in 5.9 seconds. rad_recv: Access-Request packet from host 10.1.5.4 port 32768, id=3D193, le= ngth=3D256 Sending duplicate proxied request to home server 10.1.1.78 port 1812 - ID: = 98 Sending Access-Request of id 98 to 10.1.1.78 port 1812 User-Name =3D "radldapuser" Calling-Station-Id =3D "00:24:2c:7a:d8:7d" Called-Station-Id =3D "00:26:cb:80:33:20:eduroam" NAS-Port =3D 29 Cisco-AVPair =3D "audit-session-id=3D0a0105040000026d4f0f0224" NAS-IP-Address =3D 10.1.5.4 NAS-Identifier =3D "CLIC_WiSM_A" Airespace-Wlan-Id =3D 9 Service-Type =3D Framed-User Framed-MTU =3D 1300 NAS-Port-Type =3D Wireless-802.11 Tunnel-Type:0 =3D VLAN Tunnel-Medium-Type:0 =3D IEEE-802 Tunnel-Private-Group-Id:0 =3D "914" EAP-Message =3D 0x0202001a017261646c64617075736572406763752e61632e7= 56b Message-Authenticator =3D 0x00000000000000000000000000000000 Proxy-State =3D 0x313933 Waking up in 3.9 seconds. Cleaning up request 0 ID 193 with timestamp +14 Marking home server 10.1.1.78 port 1812 as zombie (it looks like it is dead= ). Ready to process requests. We are trying to locate where we would reference our internal AD within eit= her proxy.conf and/or clients.conf. or should ntlm do this automatically...= .. Ps we are not trying to use ldap sorry for the mis leading test user id :). Thanks -- View this message in context: http://freeradius.1045715.n5.nabble.com/Help-with-proxy-settings-please-tp5139910p5140289.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html