PEAP/MSCHAPv2, Post-Auth-Type REJECT {} of inner-tunnel is neverentered for access reject
Alan DeKok
aland at deployingradius.com
Fri Jul 9 09:11:31 CEST 2010
Fads Afds wrote:
> I tried to get the error-message of inner-tunnel by running sql query in "Post-Auth-Type Reject {} of default. The message field in radpostauth table is empty. The query seems cannot access %{inner.control:My-Err-Message} attribute.
> My question is: Can sql in default (outer session) access innner-server control attribute when the login is rejected? If the answer is no, would you hint me how I can get & log the error message of inner-session?
No, unfortunately not. *But* the "inner tunnel" server can copy them
from the inner to outer tunnel.
Alan DeKok.
More information about the Freeradius-Users
mailing list