well, looking from the log, your virtual_server doesnt appear to set any attribute in its post-auth stage. calling the right thing or SQL table?
post-auth, yes, see the virtual server config below. Remember TEST1 and TEST2 are the same virtual server, just proxying to them via different methods. That's why I was getting confused, They behave differently if you proxy to them in different ways.
my initial thought was your attr_filter wasnt allowing that attribute through from the virtual_server (much like it would strip it out if the domain/realm wasnt allowed - check pre-proxy and post-proxy parts)
No attr filters. Ok I think we're getting somewhere with the pre- and post- proxy parts. When I tried having the sql methods in there I got the following (Note 2 starts in debug 1 for pre, 1 for post) Module: Checking pre-proxy {...} for more modules to load /etc/freeradius/sites-enabled/test[59]: "SQL" modules aren't allowed in 'pre-proxy' sections -- they have no such method. /etc/freeradius/sites-enabled/test[58]: Errors parsing pre-proxy section. Module: Checking post-proxy {...} for more modules to load /etc/freeradius/sites-enabled/test[62]: "SQL" modules aren't allowed in 'post-proxy' sections -- they have no such method. /etc/freeradius/sites-enabled/test[61]: Errors parsing post-proxy section. server test { listen { # ipaddr = * ipaddr = 127.0.0.1 port = 11812 type = auth } listen { # ipaddr = * ipaddr = 127.0.0.1 port = 11813 type = acct } authorize { # preprocess sql expiration logintime pap } authenticate { Auth-Type PAP { pap } Auth-Type MD5 { pap } Auth-Type CHAP { chap } Auth-Type MS-CHAP { mschap } unix eap } preacct { preprocess acct_unique files } accounting { detail unix radutmp } session { radutmp # See "Simultaneous Use Checking Queries" in sql.conf # sql } post-auth { sql } pre-proxy { # sql } post-proxy { # sql # attr_rewrite eap } }