Re: Accepting all users in PEAP
Pedro Ribeiro <[EMAIL PROTECTED]> wrote: > I'm trying to make life easier for users that don't configure > well the access to our wireless network or are using the wrong > credentials. > > My idea was to always accept them, but force them to some special > network (Vlan) that for every web access redirects them to a page > explaining the problem (yes I know Reply-Message is meant to this, > but unfortunately Windows doesn't show the message to users ...) PEAP uses MS-CHAPv2 in the inner tunneled session, which means that the RADIUS server needs the users password to finish the authentication session. Without the password, the session will not finish, and the client will not think it's authenticated. > Does anyone have a similar setup that could give-me some tips > (example configuration) ? It's pretty much impossible. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Accepting all users in PEAP
Hello freeradius-users, I'm trying to make life easier for users that don't configure well the access to our wireless network or are using the wrong credentials. My idea was to always accept them, but force them to some special network (Vlan) that for every web access redirects them to a page explaining the problem (yes I know Reply-Message is meant to this, but unfortunately Windows doesn't show the message to users ...) I've made some tests to this without success ... Does anyone have a similar setup that could give-me some tips (example configuration) ? Thanks! Note: Our Wireless Network is based in Cisco AP1230G APs with FreeRADIUS doing the AAA and getting the users credentials from a MySQL Backend. Authentication EAP/PEAP/MSCHAPv2 or EAP/TTLS/PAP For curious people here goes the URL for some extra information: http://www.net.ipl.pt/index.php?id=19 ( in Portuguese ) -- Best regards, Pedro mailto:[EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html