[RADIATOR] Password Variable not passed

[Michael Hulko]

 I am not able to determine when using the %P variable, it does not pass the user password into the LDAP authentication.We are attempting to terminate the PEAP/EAP on our wireless controllers (Aruba) and pass the username and password to Radiator for authentication as this only requires a single common certificate to be presented to the clients, unless Radiator does not have an issue reusing certs on different servers?When I set the password in the config file statically, I receive an access-accept reply, however, when I attempt to use the %P parameter, the password is never included in the authentication.Suggestions would be appreciatedI have stripped the config down for testing purposes.


logfile
Description: Binary data

#Tubuluar.vm.its.uwo.ca
#
# eap_multi.cfg
#
# This config supports EAP-TTLS and EAP-PEAP proxied from an external Radius 
server
#
Foreground 1
#LogStdout 1
LogDir c:/program files/radiator
DbDir c:/program files/radiator


AuthPort 1645,1812
AcctPort 1646,1813

# User a lower trace level in production systems:
#Trace  3
Trace   7

# IMPORTANT = convert user name to lower case to ensure match on uwo.ca realm 
in handler match criteria 
UsernameCharset a-zA-Z0-9\._@-
RewriteUsername tr/A-Z/a-z/


# UwoLDAP is used to authenticate the inner TTLS credentials and outer PEAP 
credentials against LDAP
# Note requires TTLS and PEAP support 
# Both userid and password are checking for inner TTLS requests
# Only the userid is checked for for outer PEAP requests
AuthBy LDAP2
Log errorLogger
Identifier UwoLDAP-LB
EAPType MSCHAP-V2
NoDefault
# Tell Radiator how to talk to the LDAP server
Hostauth.uwo.ca
AuthDN  uid=%U,ou=people,o=uwo.ca,dc=its
AuthPassword%P

# Add role from LDAP to the request via the AuthAttrDef
AuthAttrDef description,Role,request
AuthAttrDef loginShell,Shell,request
AuthAttrDef uwoid,Uid,request

BaseDN  o=uwo.ca,dc=its 
UsernameAttruid
PasswordAttr

AddToReply Reply-Message=STF

Timeout 10
/AuthBy



# Handlers are processed sequentially - and first match applies

Handler Request-Type = Accounting-Request
Log errorLogger
AuthBy AccountingResponse
PostAuthHook file:%D/accounting.hook
/Handler



#

# Test Handler
# Handles both authenication checks and logging as mac is available.
#

Handler
AuthBy UwoLDAP
/Handler





ThanksMH

inline: western-logo-sm2.gifMichael HulkoNetwork AnalystWestern University CanadaNetwork Operations CentreInformation Technology Services1393 Western Road, SSB 3300CCLondon, Ontario N6G 1G9tel: 519-661-2111 x81390e-mail: mihu...@uwo.ca mailto:mihu...@uwo.ca

___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator

[RADIATOR] Miraki wifi works with Radiator for accounting and authentication

[Scott]

dear team, we are trying to use Miraki wifi works with Radiator for accounting 
and authentication. It's hotel. to simplify the guest's wifi access and 
billing. the currently billing system is Fidelio. Any one can advise if this 
can be done and how do they work with each other?thanks!
scott___
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator