Seem like both use_tunneled_reply option and update outer.reply in post-auth section have inconsistent behavior.- TTLS-PAP sent inner user-id in the Access-Accept.- PEAP failed due to identity mismatch. (debug output attached)Observed that,Additionally enable 'update outer.reply' in post-auth section for the inner-tunnel virtual server.- TTLS-PAP sent outer user-id in the Access-Accept instead. (debug output attached)- PEAP sent inner user-id in the Access-AcceptObserved that,- enable eap.conf use_tunneled_reply for both PEAP & TTLS- add a testing userTrying to find a configuration that allow accurate accounting when PEAP / TTLS having anonymous outer user-id.Using FR 2.2.3 with default configuration.
What would be the correct configuration to allow accurate accounting?Thanks.