Inner identity in accounting logs
Alan DeKok
aland at deployingradius.com
Thu Jan 22 09:23:21 CET 2009
Jonathan Gazeley wrote:
> I have an existing FreeRadius setup for an 802.1x wireless network.
> Currently the accounting is done to a MySQL database. Presently, the
> username appearing in these records is the outer identity. I want to use
> the authenticated inner identity, such that I can rely on my accounting
> data e.g. for billing.
Update the reply. In the "inner-tunnel" server, "post-auth" section, add:
...
update outer.reply {
User-Name = "%{User-Name}"
}
...
> I know that accounting packets are not sent through the inner-tunnel and
> so I can't simply move my accounting to the inner-tunnel. I suppose what
> I'm after is a way to tie a session at authentication to the associated
> session in accounting. Is there any sort of ID that is used both in
> inner-tunnel authentication and accounting, that can be relied upon?
Tell the NAS which User-Name you want to see in the accounting
packets. Most NASes support this feature.
Alan DeKok.
More information about the Freeradius-Users
mailing list