<div dir="ltr">Thanks Alan. Got it working.<br><br>I've scoured the list and found your reply here in 2010 (<a href="http://lists.freeradius.org/pipermail/freeradius-users/2010-July/047686.html">http://lists.freeradius.org/pipermail/freeradius-users/2010-July/047686.html</a>). I'm having the same problem - has this been fixed? post-auth is not being executed in inner-tunnel when the user is <b>rejected</b>. As a result no reject entry is being written to the table from inner tunnel.Is there a way to make it execute? I'm running 2.1.10+dfsg-3ubuntu0.12.04.1.<br>
<br>#inner tunnel<br>..snip..<br>post-auth {<br>..snip..<br>sql<br>Post-Auth-Type REJECT {<br> # log failed authentications in SQL, too.<br> sql<br> attr_filter.access_reject<br>
}<br><br>update outer.reply {<br> User-Name = "%{request:User-Name}"<br>}<br><br>}<br><br><br>Thanks for all your help.<br></div><div class="gmail_extra"><br><br><div class="gmail_quote">On 14 January 2014 16:51, Alan DeKok <span dir="ltr"><<a href="mailto:aland@deployingradius.com" target="_blank">aland@deployingradius.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="im">P K wrote:<br>
> Thanks Alan. I understand now. I've created my own postauth table and<br>
> updated the sql query. My query is like this:<br>
<br>
</div> That should work.<br>
<div class="im"><br>
> outer.request:User-Name works when this query is being executed from<br>
> inner-tunnel but not in outer obviously. So I want to put an if<br>
> condition. I'm fine with the syntax but i'm struggling to determine<br>
> what to put a condition on. What variable should I look at to<br>
> determine if I'm in inner or outer tunnel? I was thinking<br>
> virtual-server .. not sure.<br>
<br>
</div> You put a condition on the expansion. See "man unlang"<br>
<br>
%{%{outer.request:User-Name}:-NONE}<br>
<div class="im"><br>
> Also I want to record protocol TTLS/PAP or PEAP/MSCHAP that has been<br>
> in action. What variable should I use for this?<br>
<br>
</div> outer.request:EAP-Type.<br>
<div class="im"><br>
> Is there a variable that would indicate the module that succeeded e.g<br>
> ldap, mysql etc. so that I could record it? Auth-Type??<br>
<br>
</div> No. Because the EAP module is doing authentication.<br>
<div class="HOEnZb"><div class="h5"><br>
Alan DeKok.<br>
-<br>
List info/subscribe/unsubscribe? See <a href="http://www.freeradius.org/list/users.html" target="_blank">http://www.freeradius.org/list/users.html</a><br>
</div></div></blockquote></div><br></div>