26 Oct
2011
26 Oct
'11
8:16 a.m.
James T. Mugauri wrote:
I have managed to auth a Greenpacket WiMAX MS via an eap ttls tunnel. Thanks to Alan's direction earlier, I can also send the service flow definitions correctly.
That's good.
I have now found that subsequent db writes (and logging) associated with accounting and postauth functions are the encrypted values (available in the tunnel?). Is there a way to ensure that the plaintext values are used with all subsequent logging actions?
Use a DB. On Access-Accept, store the unencrypted User-Name in the DB, along with a Class attribute. When you receive an accounting packet, look up the Class attribute to find the unencrypted User-Name. That's pretty much the only way with WiMAX. Alan DeKok.