Accounting Packets and Anonymous Identity
Nick Lowe
nick.lowe at gmail.com
Sat Feb 4 22:54:39 CET 2017
Some options:
1) If the NAS puts an Acct-Session-Id in the Access-Request packets,
use this to link auth to subsequent accounting. (Many NASes don't
support doing this.)
2) Use a Class attribute to link auth to subsequent accounting.
(Requires that the NAS support this, some have trouble where there is
more than one Class attribute.)
3) Return a User-Name attribute in the Access-Accept containing the
inner identity. (Requires that the NAS support this, and this
partially compromises identity privacy.)
More information about the Freeradius-Users
mailing list