Inner identity in accounting logs

Jonathan Gazeley jonathan.gazeley at
Tue Feb 3 14:03:33 CET 2009

Sorry to 'bump' my previous post. I'm at a loss as to why FreeRADIUS 
expands the username as expected, but why this username never makes it 
back to the NAS. Does anyone have any ideas?


Jonathan Gazeley wrote:
> I'm running FreeRADIUS 2.1.1.
> My config block in the post-auth section of the  inner-tunnel server 
> currently reads:
>        update outer.reply {
>                User-Name := "testing-%{User-Name}"
>        }
> FR does indeed appear to be using this block:
>    expand: testing-%{User-Name} -> testing-jg4461
> ++[outer.reply] returns ok
> Authenticating with outer ID "qwerty99" and inner ID "jg4461" gives 
> output as in the attached log, included to give context. The outer 
> server is "uobresnet" and the inner one is still called "inner-tunnel".
> So it seems to me like FR is doing what it is being asked to do, but 
> maybe this isn't the right thing. Previous tests showed that setting 
> the outer ID in the "uobresnet" server does make the NAS use the right 
> username.
> If anyone can shed any light on this, I'd be very grateful.
> Thanks,
> Jonathan
> Alan DeKok wrote:
>> Jonathan Gazeley wrote:
>>> When added in the "inner-tunnel" server, this block has no effect on 
>>> the
>>> content of the Access-Accept packets (as shown by radiusd -X).
>>   Which version are you running?  Is it *using* that entry you added?
>>   Alan DeKok.

More information about the Freeradius-Users mailing list