Dynamic VLANing and anonymous identity on re-auth?
Palmer J.D.F.
J.D.F.Palmer at swansea.ac.uk
Mon Nov 2 15:21:22 CET 2009
Hi all,
Is it possible to use anonymous outer identities with dynamic VLANing?
We have a problem with reauths when using anonymous outers, the initial
login is fine and the VLAN is assigned using sql.authorize, but re-auths
only seem to use the outer identity and hence no VLAN information is
sent back in the access-accept packet.
On a reauth, the only mention I see of the real username is...
[peap] Adding cached attributes to the reply:
User-Name = "test-user"
[eap] Freeing handler
++[eap] returns ok
Login OK: [anonymous at swansea.ac.uk] (from client wism port 29 cli
00-26-69-04-a7-f7)
Is it possible to capture this brief appearance of the real username to
run the sql.authorize to get the correct VLAN info?
Fast re-auth is disabled in experimental.conf (FR 2.1.7)
Many thanks,
Jezz Palmer.
-------------------------------------
Jezz Palmer
Library & Information Services
Swansea University
Singleton Park
Swansea
SA2 8PP
-------------------------------------
More information about the Freeradius-Users
mailing list