(RADIATOR) PEAP proxy authentication
Denis Pavani
d.pavani at cineca.it
Tue Apr 20 04:31:32 CDT 2004
Perhaps this is an off-topic...
In our company we are using Wireless 802.1x authentication: methods
EAP-TLS and EAP-TTLS
All ok and working with Radiator 3.7.1 and LDAP2 on backend.
We are trying to support PEAP, but I have to process authentication on a
Windows 2003 AD, so Windows administrators configured a IAS and I proxy
requests to IAS server.
This way:
<Handler TunnelledByPEAP=1>
<AuthBy RADIUS>
.....
</AuthBy>
</Handler>
<Handler= "match AP addresses">
AuthByPolicy ContinueUntilAccept
<AuthBy RADIUS>
.....
</AuthBy>
<AuthBy LDAP2>
.......
</AuthBy>
</Handler>
All works fine for EAP-TLS and EAP-TTLS (this is good indeed ;-D ) and
it works first time a client uses PEAP as I send to IAS server a
complete PEAP request. But if you try to acceed later, damn windows
client does not seem to send the whole request, but tries immediately
inner authentication.
Did someone see the same behaviour?
Any suggestions apart killing Windows admins and burning all their
servers? ;-)
Regards and thanks in advance.
--
************************************************************************
Denis Pavani
CINECA - Comunicazioni e Sistemi Distribuiti
NOC - Network Operations Center
phone:+39 0516171953 / fax:+39 0516132198
http://www.cineca.it
************************************************************************
"Siamo pagati per adattarci, improvvisare e raggiungere lo scopo"
-- Gunny Highway
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list