[RADIATOR] radiator never gets to the 2nd authentication phase in PEAP - MSCHAPv2
Christian Kratzer
ck-lists at cksoft.de
Tue Jan 26 09:40:24 CST 2016
Hi,
On Tue, 26 Jan 2016, Hugo Veiga wrote:
> In my original message I have by mistake a AuthBy INTERNAL in the outter
> authentication it's actually a AuthBy SQL clause.
which is exactly why I made you test your 4.9 case.
AuthBy SQL supports EAP.
AuthBy FILE also supports EAP.
and as Heikki said before: AuthBy INTERNAL does not.
>
>
> This is trace from radiator 4.9.
>
> Tue Jan 26 15:01:15 2016: DEBUG: Handling request with Handler
> 'Realm=/^convidado$/i', Identifier ''
> Tue Jan 26 15:01:15 2016: DEBUG: Deleting session for 1745 at convidado,
> 10.240.1.1, 54482
> Tue Jan 26 15:01:15 2016: DEBUG: Handling with Radius::AuthSQL:
> SQLAccounting
> Tue Jan 26 15:01:15 2016: DEBUG: AuthBy SQL result: IGNORE, Ignored due to
> IgnoreAuthentication
> Tue Jan 26 15:01:15 2016: DEBUG: Handling with Radius::AuthSQL: PEAP_CONVIDADO
> Tue Jan 26 15:01:15 2016: DEBUG: Handling with Radius::AuthSQL: PEAP_CONVIDADO
this is proof that the first packet is going into an AuthSQL. In your
4.16 example it was going into your AuthBy INTERNAL handler.
Your old configuration should from 4.9 should run on 4.16. Just do not
put swap your AuthBy FILE or AuthBy SQL for an AuthBy INTERNAL.
Greetings
Christian
--
Christian Kratzer CK Software GmbH
Email: ck at cksoft.de Wildberger Weg 24/2
Phone: +49 7032 893 997 - 0 D-71126 Gaeufelden
Fax: +49 7032 893 997 - 9 HRB 245288, Amtsgericht Stuttgart
Mobile: +49 171 1947 843 Geschaeftsfuehrer: Christian Kratzer
Web: http://www.cksoft.de/
More information about the radiator
mailing list