RES: Incorrect username being registered by freeradius

Alan DeKok aland at
Tue Jun 23 17:46:31 CEST 2020

On Jun 23, 2020, at 11:34 AM, Daniel Guimaraes Pena <daniel.pena at> wrote:
> Thanks for anwaring, Alan, you were right: that is his MAC Address.


> Until this moment, no mac address appeared at radacct table, so I don’t have debug for that yet.
> For this, if I may ask, why user is registered in radacct table with mac address but in radius log appears his real username?

  Because the NAS sends accounting packets which contain the MAC address in the User-Name field.  And, it sends authentication packets which contain the real name in the User-Name field.

  FreeRADIUS does NOT control this.  It's at the mercy of whatever the NAS sends.

> Reading debug, real login is "luciana.nogueira"
> Here the debug log for this entry:
> =~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2020.06.23 12:21:07 =~=~=~=~=~=~=~=~=~=~=~=
> grep -E "\(4925[7-9]\)|\(4926[0-7]\)" debug.log 
> (49257) Received Access-Request Id 151 from to length 151
> (49257)   User-Name = "347117"
> (49257)   NAS-IP-Address =
> (49257)   NAS-Port = 2
> (49257)   Called-Station-Id = "5C-D9-98-14-37-48:MPDFT"
> (49257)   Calling-Station-Id = "48-49-C7-71-79-66"
> (49257)   Framed-MTU = 1400
> (49257)   NAS-Port-Type = Wireless-802.11
> (49257)   Connect-Info = "CONNECT 54Mbps 802.11g"
> (49257)   EAP-Message = 0x0200000b01333437313137

  The end-user machine is creating that EAP-Message.  Which contains "34717" as the name.  i.e. hex 333437313137 is "34717"

  In order to fix that, you need to fix the end users machine to send a real name.  There is nothing you can do to the NAS or FreeRADIUS to fix this issue.

  Generally, the outer user name should be something like "", or "anonymous".

  The inner-tunnel is receiving the name "luciana.nogueira", which is fine.

  Alan DeKok.

More information about the Freeradius-Users mailing list