Dirty hack: --- freeradius-server-2.1.6.orig/src/modules/rlm_eap/types/rlm_eap_peap/peap.c 2009-05-18 17:13:55.000000000 +0600 +++ freeradius-server-2.1.6/src/modules/rlm_eap/types/rlm_eap_peap/peap.c 2009-11-03 17:42:21.000000000 +0500 @@ -312,26 +312,6 @@ static int process_reply(EAP_HANDLER *ha eappeap_success(handler, tls_session); rcode = RLM_MODULE_HANDLED; - /* - * If we've been told to use the attributes from - * the reply, then do so. - * - * WARNING: This may leak information about the - * tunneled user! - */ - if (t->use_tunneled_reply) { - RDEBUG2("Saving tunneled attributes for later"); - - /* - * Clean up the tunneled reply. - */ - pairdelete(&reply->vps, PW_PROXY_STATE); - pairdelete(&reply->vps, PW_EAP_MESSAGE); - pairdelete(&reply->vps, PW_MESSAGE_AUTHENTICATOR); - - t->accept_vps = reply->vps; - reply->vps = NULL; - } break; case PW_AUTHENTICATION_REJECT: it works...