...
FreeRADIUS
packages: freeradius
Modified /etc/freeradius/3.0/mods-available/eap:
commented the following:
Code Block |
---|
....
# md5 {
# }
....
# leap {
# }
....
# gtc {
# # The default challenge, which many clients
# # ignore..
# #challenge = "Password: "
#
# # The plain-text response which comes back
# # is put into a User-Password attribute,
# # and passed to another module for
# # authentication. This allows the EAP-GTC
# # response to be checked against plain-text,
# # or crypt'd passwords.
# #
# # If you say "Local" instead of "PAP", then
# # the module will look for a User-Password
# # configured for the request, and do the
# # authentication itself.
# #
# auth_type = PAP
# }
....
# tls {
# # Point to the common TLS configuration
# tls = tls-common
#
# #
# # As part of checking a client certificate, the EAP-TLS
# # sets some attributes such as TLS-Client-Cert-CN. This
# # virtual server has access to these attributes, and can
# # be used to accept or reject the request.
# #
# # virtual_server = check-eap-tls
# }
.... |
modified the 'default_eap_type' directive under section 'eap' to be:
Code Block |
---|
default_eap_type = peap |
and the 'default_eap_type' directive under section 'ttls' to be:
Code Block |
---|
default_eap_type = mschapv2 |
Certificates
MySQL
Python module / script_launcher.py script
...
Code Block | ||
---|---|---|
| ||
... # Add this line just after 'sql' in the 'post-auth' section python ... |
...
Modify /etc/freeradius/3.0/mods-available/eap, modified the 'copy_request_to_tunnel' directive under both sections 'peap' and 'ttls' to be:
Code Block |
---|
copy_request_to_tunnel = yes |
Place the script_launcher.py script at /etc/freeradius/3.0/mods-config/python/script_launcher.py
...