Fajar A. Nugraha-2 wrote
... and then on authorize section add something like this (just for check)
if ( (request:User-Name == "00:12:23:56:78:9A") && (control:Agent-Circuit-ID != "%{request:Agent-Circuit-ID}") ) { update control { Auth-Type := "Reject" } }
then use debug mode again. It should print out what it recognize control:Agent-Circuit-ID (which is from db) and request:Agent-Circuit-ID. Then you just need to edit entry on db to match what's on the request.
Construction shown above don't help me, because there was no output of control:Agent-Circuit-ID and request:Agent-Circuit-ID. But I use another construction: if (request:User-Name == "20:cf:30:e1:e6:29") { update control { Auth-Type := "Reject" } update reply { Context-Name := "%{control:Agent-Circuit-ID} %{request:Agent-Circuit-ID}" } } so in Acces-Reject I can see in Context-Name attribute both request and control attributes. And I have bad news. I got following: Context-Name = "0x 0x000403fc0017" Request attribute is OK, but control attribute is zero-length string. I think this is because first byte in string is 0, and Radius treat this as end-of-string. I tested this - I try to return attribute with only printable chars, and got it in Context-Name exactly as it stored in DB. So I urgently need help - how I can store needed value to adequately accepted by Radius? -- View this message in context: http://freeradius.1045715.n5.nabble.com/FreeRADIUS-MySQL-DHCP-Opt82-tp560614... Sent from the FreeRadius - User mailing list archive at Nabble.com.