[RADIATOR] the use of TunnelledByTTLS=0 changed?

Roel Hoek r.h.hoek at utwente.nl
Mon May 23 04:46:29 CDT 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

We are in a process of migrating our radius servers to another host. On
the old host we are running Radiator 3.17.1. On de new host we run 4.8

On the old server we make use of TunnelledByTTLS=0 to differentiate
between inner (TTLS,PEAP) and outer EAP authentication.:

<Handler Realm=fake.net,
Client-Identifier=/^WLAN-ID$|^LOCALHOST-ID$/,TunnelledByTTLS=0>
        <AuthBy FILE>
                EAPType TTLS,PEAP

                EAPTLS_CAFile /etc/radiator/pki/CAs/661141457_chain.pem
.
.
.
        </AuthBy>
</Handler>

<Handler Realm=/fake.net/,
Client-Identifier=/^WLAN-ID$|^LOCALHOST-ID$/,TunnelledByTTLS=1>
.
.
</Handler>


<Handler Realm=/fake.net/,
Client-Identifier=/^WLAN-ID$|^LOCALHOST-ID$/,TunnelledByPEAP=1>
.
.
</Handler>

It looks like TunnelledByTTLS is not set anymore and the right handler
can not be selected.

The problem can easily solved by changing the Handler order and remove
Handler check attribute TunnelledByTTLS=0.



- -- 

regards,

Roel Hoek
ICT Service Centre
University of Twente, P.O.Box 217, 7500 AE Enschede, The Netherlands
Telephone +31 53 489 4598, Fax +31 53 489 2383
R.H.Hoek at utwente.nl; http://www.utwente.nl/icts
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk3aLPMACgkQJwlRSGnYBcY8YwCgpuTTMYrwSZUYIDLyMvboB+up
NM4AnRZ7sAVwkmhGmXPPA1ZDAUlBcNoQ
=lUP4
-----END PGP SIGNATURE-----


More information about the radiator mailing list