On Jul 19, 2019, at 4:26 AM, Yuya Yanagi <peacefull64@gmail.com> wrote:
The description of rewrite_called_station_id was written to the authorize section of sites-available / default and sites-available / inner-tunnel to obtain a Called-Station-SSID to control the approval process.
Yes, we know that.
However, although the default file side could obtain the value of Called-Station-SSID, the process of rewrite_called_station_id became FALSE in the internal tunnel file, and the value of Called-Station-SSID could not be obtained.
Because there's no Calling-Station-Id in the inner tunnel. Reading the debug output will tell you this.
Since I am using EAP-TTLS authentication, I want to set the inner tunnel to branch control, but I can not use it.
You can use &outer.request:Called-Station-SSID to look up the value of the Called-Station-SSID attribute from the "inner-tunnel" virtual server. See "man unlang" for documentation on this.
If you have any advice, please let me know.
y.y
------------Debug log---------
Fri Jul 19 15:52:16 2019 : Debug: (0) Using Post-Auth-Type Challenge
See http://wiki.freeradius.org/list-help DO use "-X". DON'T use "-Xxxxxxxxxxxxx" That advice is in all of the documentation, and is posted to the list weekly, if not daily. Follow the documentation, Alan DeKok.