Best Practices of Embedded Software Development and Testing: How to Enable EAP-PEAP with Radius VLAN Attributes in Free-Radius Server

Issue: We wanted to use EAP-PEAP with Radius VLAN Attributes in Free-Radius Server, it was authenticating with user name and password but VLAN attributes were not seen in Radius-Accept packet.

users.conf

username   Cleartext-Password := "passwd"

           Tunnel-Type = VLAN,
           Tunnel-Medium-Type = IEEE-802,
           Tunnel-Private-Group-Id = "200"

Resolution:

We need to enable use_tunneled_reply in peap section of eap.conf

peap {
default_eap_type = mschapv2
copy_request_to_tunnel = no
use_tunneled_reply = yes
virtual_server = "inner-tunnel"
}

Ref:

http://lists.freeradius.org/pipermail/freeradius-users/2009-December/043707.html

Best Practices of Embedded Software Development and Testing

About Me

Thursday 29 January 2015

How to Enable EAP-PEAP with Radius VLAN Attributes in Free-Radius Server