Log file differentiation
Alexander Clouter
alex at digriz.org.uk
Thu Sep 17 00:25:23 CEST 2009
Hi,
Nathan McDavit-Van Fleet <nmcdavit at alcor.concordia.ca> wrote:
>
> Is there anyway to have Freeradius log whether a connection is either PEAP
> or TTLS in the log file? Both of them indicated that it is through a TLS
> tunnel with no indication of the differences. FYI they are coming through
> the same NAS server.
>
As far as I know, only if the EAP part terminates on your RADIUS server,
for use I use (on a EAP virtual server) something like:
update outer.control {
EAP-Type := "%{EAP-Type}"
}
Then on the outside layer you should find in post-auth that
'%{control:EAP-Type}' has what you are after.
It's harder to get the phase2 auth (also worth doing) out to the
outer most post-auth section using a similar method, but possible.
Cheers
--
Alexander Clouter
.sigmonster says: boy, n:
A noise with dirt on it.
More information about the Freeradius-Users
mailing list