Let me just say I got 802.1x working with PEAP/MSCHAPv2 -> NTLM
authentication
The issue is we have 2 domains on our network and want to be able to have the
single 802.1x authentication, sorted by domain authenticate and return the
correct vlan for the user... I couldn't figure a way out to
Hello Chris -
Could you please explain in detail what exactly you are trying to accomplish?
It sounds like you are authenticating against Active Directory but you are
running Radiator on Linux?
Can you tell us how you differentiate between the 2 domains?
We can make better suggestions if we c
2 domains are on 2 seperate vlans... for authentication i'm filtering it by the
handler Domain1\myuser Domain2\myuser if domain1 then process it via NTLM
locally, if the second domain forward to secondary radius that has an interface
on domain2 and is part of domain2's domain.
This is being don
Hello Chris -
OK - this is what I had imagined.
What I would suggest is running Microsoft NPS on each domain, then just proxy
the inner requests to the corresponding NPS.
In this case the inner requests are just straight MSCHAP-V2.
Something like this:
Foreground
LogStdout
LogDir /etc/radia
How does this differ from what I'm already doing The primary domains
working the secondary domain is getting a response from the other radius after
the second radius polls NTLM...it responds with an access accept but for some
reason the main server gets the accept but then the eap challenge