Hi everybody!
My first question was the following:
>
I would like to know if there is an option to specify
the proxy not deleting the VSA located in the access-reject response of
the server >when the proxy send the access-reject to the client?(keep
the VSA)
>Clearer, currently, my Radius server send to the proxy an
access-reject with VSA and when the proxy receive these packet, it send
the >same packet to the client so an access-reject packet but with no
VSA (it seem to delete them).
>So currently, i have:
>Server Radius>>>packet access-reject with VSA>>>>Proxy Radius>>>packet access-reject without VSA>>>>>>
Client Radius
>So what i would like is:
>Server Radius>>>packet access-reject with VSA>>>>Proxy Radius>>>packet access-reject with VSA>>>>>>
Client Radius
>Thank you in advance
So after that we told me to modify the function rfc_clean in the source code util.c.
i've edited the function rfc_clean() in the source code
(src/main/util.c) by adding the following line (in bold) but it
doesn't work (the client don't receive the VSA:
case PW_AUTHENTICATION_REJECT:
pairmove2(&vps, &(packet->vps), PW_EAP_MESSAGE);
pairmove2(&vps, &(packet->vps), PW_MESSAGE_AUTHENTICATOR);
pairmove2(&vps, &(packet->vps), PW_REPLY_MESSAGE);
pairmove2(&vps, &(packet->vps), PW_VENDOR_SPECIFIC);
Could you please tell me what is wrong? have i to add something else in this procedure?Is there another file to modify?
Thanks in advance for your answer!