Freeradius accounting of inner identity when using PEAP
Alan DeKok
aland at deployingradius.com
Tue Dec 27 16:20:45 CET 2011
Pietro Accerboni wrote:
> The problem arises from the tunneled nature of PEAP. Accounting works, i
> guess, only on the esternal attribute User-Name, so all users that
> (correctly) configure outer identity with a generic 'anonymous' is
> logged in the accounting session with the same, useless, username:
You can send a User-Name back in the Access-Accept. The NAS will use
it for accounting.
> Is there some practical way to get this information from freeradius or,
> better, 'link' this information with the Accounting-Request packets i
> get from the nas after the authentication phase?
See eap.conf. Set "use_tunneled_reply"
Alan DeKok.
More information about the Freeradius-Users
mailing list