[RADIATOR] Extracting certificates info for EAP PEAP,TTLS,TLS
Christian Kratzer
ck-lists at cksoft.de
Tue Feb 24 05:12:33 CST 2015
Hi Sami,
We made progress with our setup thanks to your previous tips.
We now have following setup simplyfied a bit:
<Handler TunnelledByPEAP=1>
Identifier TunnelledByPEAP=1
AuthByPolicy ContinueWhileAccept
AuthBy SQLauthenticate
AuthBy INTERNALextractFunnyStuffFromRequest
AuthBy SQLauthorize
</Handler>
<Handler>
Identifier Outer
AuthBy FILE
</Handler>
the issue we are currently chasing is that the customer also wants
failed authentications to proceed into SQLauthorize so he can possible
put people into a walled garden with specific reply attributes.
The issue seems to be that when MS-CHAP2 fails in TunneledByPeap it
seems to kill the EAP session and authentication terminates.
Subsequent packets are not forwarded to the tunneled handler by the
outer handler.
Do you have a suggestion how to accomplish authorization after failed
chap authentication.
Terveisin
Christian
--
Christian Kratzer CK Software GmbH
Email: ck at cksoft.de Wildberger Weg 24/2
Phone: +49 7032 893 997 - 0 D-71126 Gaeufelden
Fax: +49 7032 893 997 - 9 HRB 245288, Amtsgericht Stuttgart
Mobile: +49 171 1947 843 Geschaeftsfuehrer: Christian Kratzer
Web: http://www.cksoft.de/
More information about the radiator
mailing list