(RADIATOR) re: error "No Handler for TTLS inner authentication"
R.H.Hoek
r.h.hoek at utwente.nl
Thu Mar 16 03:30:30 CST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> Hello Roel -
>
> Thanks for your mail.
>
> As you can see from the debug, the NAS-IP-Address is not passed in
> the inner request by default.
>
> If you want to add any attribute to the inner request you need to use
> a PreHandlerHook in the outer AuthBy clause.
>
> You can add the following in a file called "nas.pl" in your %D
> directory:
>
> sub { my $p = ${$_[0]};
> my $outer = $p->{outerRequest};
> my $nas = $outer->get_attr('NAS-IP-Address');
> $p->add_attr('NAS-IP-Address', $nas);
> &main::log($main::LOG_DEBUG, "NAS-IP-Address = $nas");
> return; }
>
> Then use this in your configuration file:
>
> <AuthBy FILE>
> .....
> PreHandlerHook file:"nas.pl"
> .....
> </AuthBy>
>
> I haven't tested the above, but you should get the idea.
It works!
thanks a lot.
(BTW, a better solution would be a client clause where you can use
subnetmasks, as asked for in previous threads....)
>
> hope that helps
>
> regards
>
> Hugh
>
>
> On 16 Mar 2006, at 03:29, R.H.Hoek wrote:
>
> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>
>
> Hello,
>
> We are (also) using Radiator for authenticatien wireless users with
> EAP-TTLS. Because we have al lot of AccessPoints (600+), and
> including the clients via ClientListSQL, Radiator takes too lang to
> start (5min), I tried the next config. There is a Defaultclient with
> a special identifier. In the appropriate Handler this identifier is
> checked with the NAS-IP-Address. (in this case the fake range
> 10.10.108.0 -> 10.10.111.0) This range covers the AccessPoint
> IPrange.
[...]
- --
Groeten,
Roel H.Hoek,
Dienst Informatietechnologie, Bibliotheek en Educatie (ITBE)
Universiteit Twente, Postbus 217, 7500 AE Enschede
kmr SP 422, telefoon: 053 - 489 4598, fax: 053 - 489 2383
e-mail: R.H.Hoek at UTwente.NL http://www.utwente.nl/itbe
Jabber/Googletalk: rhhoek at gmail.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEGTA2JwlRSGnYBcYRAuSTAKCQDFHQNeHOvi5JShAE+E7GYa/uEQCfdeM4
HX1y2GWcNct5JFOMw+3ydVo=
=5Dli
-----END PGP SIGNATURE-----
--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list