(RADIATOR) EAP-TTLS and Radmin accounting
Nacho Paredes
iparedes at eurocomercial.es
Fri Apr 15 11:11:43 CDT 2005
Hello all,
I want EAP-TTLS authentication and Radmin administration and accounting.
Firstly I made a rough approach to the config file as follows:
<Realm wireless>
<AuthBy File>
Filename /etc...
(EAP Options)
</AuthBy>
</Realm>
<Handler TunnelledByTTLS=1>
AuthByPolicy ContinueWhileAccept
<AuthBy RADMIN>
blah, blah, blah
</AuthBy>
</Handler>
I append @wireless to every request coming from the access point. So the
outer authentication is handled by <Realm wireless>. I created a simple user
file which just contains an anonymous user with no password, so it always
authenticates.
Then the inner authentication is handled by the TunnelledByttls which goes
against the Radmin database.
This works fine with authentication, but since the accounting requests will
be handled by <Realm wireless>, nothing will go to the Radmin database.
So I've replaced the <AuthBy File> with another <AuthBy Radmin> (and added
an anonymous user to the Radmin database)
Now, despite some problems with the hooks for the anonymous accounting, it
works fine, but I find the following problems:
It is not very elegant
An user which logs as anonymous is always authenticated
Could you please tell me what am I missing to get a propoer EAP-TTLS
authentication and Radmin accounting?
Thanks on advance
--------------------------------------------------------------------
Ignacio Paredes | email: iparedes at eurocomercial.es
Eurocomercial I&C, S.A. | Tel: +34 98 5195703
Ezcurdia, 194 - Gijon (AS) | Fax: +34 98 5132596
--------------------------------------------------------------------
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list