inner vs outer User-Name
Alan DeKok
aland at deployingradius.com
Tue Feb 9 07:44:38 CET 2010
Kenneth Grady wrote:
> Is there any way to authorize a user using the inner-tunnel User-Name
> and not the outer?
Yes. Use the inner-tunnel virtual server.
> I get an outer User-Name of anonymous and a reject when searching for
> authorized users in an ldap group.
Because you're doing the LDAP group check in the outer tunnel... not
the inner tunnel.
> Mon Feb 8 12:53:21 2010
> Packet-Type = Access-Request
> User-Name = "anonymous"
Why are you posting these packets? The documentation specifically
asks for *other* information. It does not ask for pieces of a "detail"
file.
> /etc/raddb/sites-available/default
Have you tried using raddb/sites-available/inner-tunnel?
It's documented as the "inner tunnel" configuration.
Alan DeKok.
More information about the Freeradius-Users
mailing list