having filter-id sent on an eap response
Dan Newcombe
DanNewcombe at mail.clayton.edu
Thu Nov 10 06:37:03 CET 2005
It's tired and I'm late or something like that :)
Thanks to Alan's help, things are now resolving to the IAS server as
mentioned in my previous posts and configs.
The switches seem to be receiving the Access-Accept packets as they are
marking the ports as authenticated with the correct user id. However,
I'm also trying to pass back a filter-id so the switch can change the
policy on the port the user has authenticated on.
The IAS server returns this just fine, and when using radclient, my
proxied request returns:
Sending Access-Accept of id 219 to 172.25.7.11:1024
    Filter-Id = "Enterasys:version=1:mgmt=su:policy=Administrator"
    Callback-Number = ""
    Service-Type = Framed-User
    Class = 0x570b067a000001370001a81cf03c01c5e5644a584e9e00000000000001b2
However, when my XP machine tries to authenticate with PEAP/MS-CHAPv2,
everything goes to the IAS server, and the Filter-ID is passed back from
the IAS server to freeradius, however
Sending Access-Accept of id 9 to 172.25.7.11:1024
    MS-MPPE-Recv-Key = 0x50c3bedb696d476e8ed66808b5a2e452a6554fa470ca566bd77fc6d8c170e277
    MS-MPPE-Send-Key = 0x1bd55848cc4c172fece6e24a9fb00f91652e74bbf509eef674948bd2c6e4cea1
    EAP-Message = 0x03090004
    Message-Authenticator = 0x00000000000000000000000000000000
    User-Name = "CCSU\\testuser"
is what gets sent to the switch/NAS.
I'm sure this is just my lack of understanding of the PEAP process, but
what am I missing to have the other attributes go back out with the
Access-Accept?
Thanks all!
-Dan