[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: RE: How to force tunnel-xx information in access-accept packet ?
From: <Michel_Monchatre () dell ! com>
Date: 2015-11-23 6:37:57
Message-ID: 7C12113780B2F8438ED5FC7E0B185B062DE17B43 () SNNX10HMDC101 ! EMEA ! DELL ! COM
[Download RAW message or body]
Hi Matthew
Thanks for your answer,
I'll then install an up-to-date Linux OS with an up-to-date freeradius version and \
let you know about the results asap ..
Best regards
Michel
-----Original Message-----
From: Freeradius-Users \
[mailto:freeradius-users-bounces+michel_monchatre=dell.com@lists.freeradius.org] On \
Behalf Of Matthew Newton
Sent: jeudi 19 novembre 2015 13:45
To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org>
Subject: Re: How to force tunnel-xx information in access-accept packet ?
On Thu, Nov 19, 2015 at 08:59:09AM +0000, Michel_Monchatre@dell.com wrote:
> I'm using version freeradius2-2.1.12-5.el5 ( on CentOS 511) with a
> Dell Networking Switch model N3024, and I want to assign the users in
> specific Vlans based on EAP authentication.
That version is very old. You should really upgrade to at least the latest 2.2 \
version (but v2 is end of life now).
> If the user's PC is authenticated with its MAC address ( MAB option on
> the switch) , there are very few Radius Packet exchange and the final
> access-accept packet contains correctly the Tunnel-Private-Group-ID,
> tunnel-Type and Tunnel-Medium-type informations
OK.
> But when I want to authenticate the users ( using login and paswsord
> ), there are a lot of access-challenge packet and the final
> access-accept packet does not contain anymore the
> tunnel-Private-group-id, etc informations.
>
> Is there a way to force freeradius to include again the missing
> information in the Access-accept packet ?
Many ways. It depends on where you want to get the information from, for example. \
Where does the existing data for MAC auth come from? The users file? A database?
> Which file(s) need to be modify and how ?
Depends on the above. Could be the users file for the simplest option.
You should send debug output (radiusd -X) for a working example and one that doesn't \
work at least so we have some idea on what you're doing.
Matthew
--
Matthew Newton, Ph.D. <mcn4@le.ac.uk>
Systems Specialist, Infrastructure Services, I.T. Services, University of Leicester, \
Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253, <ithelp@le.ac.uk>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Dell S.A, Siège Social 1 rond point Benjamin Franklin 34000 Montpellier.
Capital 1,782,769 Euros, 351 528 229 RCS Montpellier –APE 4651Z -TVA \
Intracommunautaire FR 20 351 528 229. SIRET 351 528 229 00096
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic