Re: EAP/TTLS on LDAP with freeradius 2.0.1

Le mercredi 06 février 2008, Alan DeKok a écrit : Thierry CHICH wrote: However, it the accounting is always done with the outer identity ... Login OK: [EMAIL PROTECTED]/] (from client ap-rectorat02 port 0) +- entering group post-auth expand: %{request.User-Name} -

Re: EAP/TTLS on LDAP with freeradius 2.0.1

Thierry CHICH wrote: You are right. I think this typo is in the original file inner-tunnel included in the distrib, Yes, I've fixed it. but it work better - but not as I want. Now, I have a good Access-Accept packet, but it is seems that the accounting-request following don't care.

Re: EAP/TTLS on LDAP with freeradius 2.0.1

Le jeudi 07 février 2008, Alan DeKok a écrit : Thierry CHICH wrote: You are right. I think this typo is in the original file inner-tunnel included in the distrib, Yes, I've fixed it. but it work better - but not as I want. Now, I have a good Access-Accept packet, but it is seems that

EAP/TTLS on LDAP with freeradius 2.0.1

Hello, I know that my problem is so simple that I should be ashamed to ask help, but I have to say that I can't find a good way to do what I want to do. With the previous release of freeradius 1.1.7, I could do the following things: - people with a correct outer identity and inner identity

Re: EAP/TTLS on LDAP with freeradius 2.0.1

hi Thierry, on your /etc/raddb/users file, you can put the follwing to copy the inner identity to the outer identity (works with freeradius 1 and 2): DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1 User-Name := `%{User-Name}`, Fall-Through = yes Thierry CHICH [EMAIL PROTECTED] a

Re: EAP/TTLS on LDAP with freeradius 2.0.1

Thierry CHICH wrote: With the previous release of freeradius 1.1.7, I could do the following things: - people with a correct outer identity and inner identity (login/password) could be authorized and authenticate on a LDAP server, using an EAP-TTLS tunnel, obtained a WPA key. - with the

Re: EAP/TTLS on LDAP with freeradius 2.0.1

Le mercredi 06 février 2008, Alan DeKok a écrit : Thierry CHICH wrote: With the previous release of freeradius 1.1.7, I could do the following things: - people with a correct outer identity and inner identity (login/password) could be authorized and authenticate on a LDAP server, using

Re: EAP/TTLS on LDAP with freeradius 2.0.1

Thierry CHICH wrote: However, it the accounting is always done with the outer identity ... Login OK: [EMAIL PROTECTED]/] (from client ap-rectorat02 port 0) +- entering group post-auth expand: %{request.User-Name} - That's a typo. It should be ... %{request:User-Name}