Sam Schultz wrote:
I'm currently using EAP-TTLS & PAP (via SecureW2) to authorize & authenticate wireless clients against specific realms. Users are able to authorize & authenticate properly, but the username in incoming accounting replies come in as 'anonymous@<realmname>'.
You can set "User-Name" in the Access-Accept, and the NAS should use that in Accounting-Requests.
I had this spitting out proper accounting information before, and haven't changed any configuration options since putting it into production. The only conclusions I can come up with are:
1) The access points are buggy (3com OfficeConnects)
No.
2) FreeRADIUS doesn't keep track of connections properly -- either because it doesn't bother to replace anonymous entries with the previously seen identity for the given ID, or I haven't configured it to do so.
No. The problem is that the supplicant is sending "anonymous@..." as the User-Name. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog