accounting 'detail' file and EAP

Kris Benson kbenson at sd57.bc.ca
Mon Aug 1 02:35:06 CEST 2005


Hi all,

So I have FreeRadius set up (and working) to authenticate off an LDAP
installation.  Everything is great.

I even have EAP-TTLS/PAP working, so I don't have to store the plaintext
passwords.

I just have one problem now: accounting data.  Since I'm using TTLS, the
User-Name field is not the authenticated one, and is simply whatever the
user chose to put in for the outside-the-tunnel username.

Has anyone come up with a way to either A) ensure the outside username
matches the inside one (guaranteeing the outside one isn't falsified) or
B) log the accounting details with the tunnel information?

Any help would be appreciated -- thanks in advance.




-kb
--
Kris Benson, CCP, I.S.P.
Technical Analyst, District Projects
School District #57 (Prince George)




More information about the Freeradius-Users mailing list