On 10/26/2011 02:49 PM, freeradius-users-request@lists.freeradius.org wrote:
On Access-Accept, store the unencrypted User-Name in the DB, along with a Class attribute. When you receive an accounting packet, look up the Class attribute to find the unencrypted User-Name. Thanks
I notice when running in debug mode, I have: [ttls] Got tunneled request User-Name = "testairspan@iconnect.zm" User-Password = "airspan" FreeRADIUS-Proxied-To = 127.0.0.1 [ttls] Sending tunneled request User-Name = "testairspan@iconnect.zm" User-Password = "airspan" FreeRADIUS-Proxied-To = 127.0.0.1 Calling-Station-Id = "00-1f-fb-20-7b-0e" Service-Type = Framed-User NAS-Port-Type = Wireless-802.16 WiMAX-Release = "1.0" ... ... ... [sql] expand: %{User-Name} -> testairspan@iconnect.zm [sql] sql_set_user escaped user --> 'testairspan@iconnect.zm' The user is then correctly authenticated and receives the relevant parameters What attribute contains the unencrypted username, and at which stage of the inner-tunnel session can I retrieve it?
That's pretty much the only way with WiMAX.
Alan DeKok