rlm_realm doesn't strip the username
Tomasz Zieleniewski
tzieleniewski at gmail.com
Fri Oct 12 16:51:49 CEST 2007
Thank you Alan
I updated to 2.0.0-pre2. But now I have some errors and I can' tcheck
again:)
Now when my NAS sends the Accounting request or I try to run 'radtest' tool,
the verification fails.
I didn't change anything in the configuration and in the database. I have
the same NAS configuration.
I get the following error in the debug mode:
Ignoring request to authentication address * 1812 from unknown client
127.0.0.1 port 37391
Please point me what do I missed:)
Best regards
tomasz
Tomasz Zieleniewski wrote:
> > I am using radius version 2.0.0-pre0.
> > I have the following problem that when I receive the Accounting-Request
> > with the username whose domain part is not checked with any of my realm
> > defined in the proxy.conf file. The username is not stripped.
> > I use the suffix rule for domain: 'username at domain" in my realm module
> > and I inoke it in preacct in radiusd.conf.
> > I have the DEFAULT realm defined and it doesn't have the nostrip option
> > activated.
> > So I think when there is no domain match the username should also be
> > stripped??
>
> Likely, yes. What does debug mode say?
>
> You could also try running CVS head, which has a number of fixes over
> 2.0-pre0.
>
> Alan DeKok.
>
>
> ------------------------------
>
> Message: 10
> Date: Fri, 12 Oct 2007 10:16:43 -0300
> From: "Sergio Belkin" <sebelk at gmail.com>
> Subject: Re: TLS fatal access_denied
> To: "FreeRadius users mailing list"
> <freeradius-users at lists.freeradius.org>
> Message-ID:
> <8c6f7f450710120616t48014e18g8c02184fdaef6b97 at mail.gmail.com>
> Content-Type: text/plain; charset=ISO-8859-1
>
> 2007/10/11, tnt at kalik.co.yu <tnt at kalik.co.yu>:
> > How sure are you that you are using EAP-TTLS?
> >
> > > rlm_eap: EAP NAK
> > > rlm_eap: EAP-NAK asked for EAP-Type/peap <==
> >
> > Ivan Kalik
> > Kalik Informatika ISP
> >
> > -
> > List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
> >
>
> I am pretty sure because I has default_eap_type = ttls. I've just
> fixed, it was a problem of certificates...
>
> thanks-
>
> --
> --
> Sergio Belkin -
>
>
> ------------------------------
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> End of Freeradius-Users Digest, Vol 30, Issue 49
> ************************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20071012/c57ad3d5/attachment.html>
More information about the Freeradius-Users
mailing list