I made the following setting as suggested in the mail:
1. Update outer reply in file inner-tunnel, post auth: update outer.reply { User-Name = "%{request:User-Name}" } 2. Set "use_tunneled_reply=yes" in file eap
IIRC, when you set use_tunneled_reply to yes, all updates to outer.reply are ignored and the >outer reply is filled with attributes from the original Access-Request. That's why you get User->Name filled with the outer anonymous identity. Try setting that to no and filling the outer reply >with any other attributes you need in that update outer.reply block.
It doesn't work with "use_tunneled_reply=no" in my case, no matter what I set for outer reply. But I finally get it worked. See my another reply in this thread. Fu-Keung