Accounting and anonymous outer identity in EAP-TTLS

Alan DeKok aland at ox.org
Fri Oct 28 22:12:04 CEST 2005


Damjan <gdamjan at mail.net.mk> wrote:
> Shouldn't the := operator in "user" replace the User-Name = "anonymous",
> or it doesn't because files is before sql in the authorize section, and
> my users are in the MySQL database?

  Yes, and it shouldn't matter that the users are in SQL.

  I suspect that something else is adding the "anonymous" username in
the reply.  The EAP module does this, but it checks to see if a
User-name already exists.  If so, it doesn't copy it.

  I would say read the debug log for one of these sessions.  It won't
tell you when it adds the two usernames, but it will tell you which
modules run, and what they do.  You can use that information to walk
through the configuration by hand, to see what's going on, and why.

  Alan DeKok.




More information about the Freeradius-Users mailing list