[RADIATOR] Detect if EAP is done for loging

Heikki Vatiainen hvn at open.com.au
Fri Sep 20 15:42:30 UTC 2019


On 20/09/2019 16.05, Dubravko Penezic wrote:

> is it possible to detect if <AuthBy LDAP2> did EAP or just do simple
> authentication ?

With AuthLog you could consider specials %x, %X and %{EAPTLS:Protocol}. 
The last one is tells TLS version for TLS based EAP methods, such as 
EAP-TTLS and PEAP.

Another possibility would be to use separate Handler for EAP and use a 
different AuthLog within this Handler. Then you could have EAP 
authentication logs, for example, in a separate file.

Thanks,
Heikki

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, TACACS+, PAM, Active Directory,
EAP, TLS, TTLS, PEAP, WiMAX, RSA, Vasco, Yubikey, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, etc.


More information about the radiator mailing list