Copy User-Name from inner-tunnel to default only once
Sven Hartge
sven at svenhartge.de
Thu Nov 19 14:52:59 CET 2020
On 19.11.20 14:17, Alan Buxey wrote:
>> Is there a more elegant or simpler way to achieve this I didn't
>> see?
> yes, use a different pair of 'default/inner-tunnel' servers with
> their own policies for eduroam traffic (ie requests that come from
> the national proxies and where the reply is thus sent out to them)
> -after all, you also dont need to be checking/settingVLANs for such
> requests either
The problem here is not the difference to Eduroam (I filter out the VLAN
attributes at a different stage I didn't show here) but that the default
configuration will create
reply {
User-Name = "eduroam at thm.de"
USer-Name = "foob42 at thm.de"
[...]
}
when I keep the inner-tunnel-User-Name in reply.session-state and the
Aruba Mobility Controller don't like this at all.
Splitting out Eduroam into a different pair of vhosts will not solve this.
Grüße,
Sven.
More information about the Freeradius-Users
mailing list