inner/outer authentication problem in 2.0.2

Alan DeKok aland at deployingradius.com
Thu Jun 12 07:32:34 CEST 2008


Gopinath Reddy N wrote:
> But by way of hack if user knows some other valid user name in the
> system he can use that as outer identity and get the policy setting of
> that user. So to avoid that Iam just thinking is there a way I can come
> out of this situation in freeradius

  Yes.  That's why the inner and outer sessions are in different virtual
servers.  Put the policy into the virtual server for the inner tunnel,
and not for the outer session.

  Alan DeKok.



More information about the Freeradius-Users mailing list