Auth-Type :- Reject in users file matches inner tunnel request but sends Access-Accept
Matthew Newton
mcn4 at leicester.ac.uk
Wed Jun 13 12:33:56 CEST 2012
On Tue, Jun 12, 2012 at 03:21:22PM -0700, Michael Gorven wrote:
> On 12/06/2012 14:08 PDT, Alan DeKok wrote:
> > Note that everything BUT the Reply-Message belongs on the first line
> > with the "DEFAULT". The Reply-Message belongs on the second line.
>
> *sigh*, moving the Auth-Type :- Reject to the first line fixed this. I
> thought that Auth-Type was a reply item and therefore went on the second
> line. Thank you for your assistance.
Rather than test FreeRADIUS-Proxied-To == "127.0.0.1", you might
also want to consider having a separate 'files' module instance
just for the inner tunnel instead. Then you won't be checking this
stuff for the anonymous user in the outer anyway.
Matthew
--
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
Systems Architect (UNIX and Networks), Network Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
More information about the Freeradius-Users
mailing list