Access Accept vs Tunneled reply

David Peterson davidp at wirelessconnections.net
Fri Mar 11 19:30:01 CET 2011


Please correct my assumption if I am off.... I have been working on getting
reply attributes sent out to define VLAN's etc on a WiMax NAS.  I see the
following in radiusd -X:

(3495) [ttls] Got tunneled reply code 2
        WiMAX-VLAN-ID := 192
        WiMAX-Classifer-Direction = Bi-Directional
        WiMAX-Classifer-Priority = 1
        WiMAX-ClassifierID = 1
        WiMAX-Downlink-QOS-Id = 1
        WiMAX-Uplink-QOS-Id = 1
        WiMAX-Transport-Type = Ethernet
        WiMAX-Direction = Bi-Directional
        WiMAX-Packet-Data-Flow-Id = 1
        WiMAX-QoS-Id = 1
        WiMAX-Schedule-Type = Best-Effort
        WiMAX-Maximum-Sustained-Traffic-Rate = 31457289
        WiMAX-R3-IF-Name = "vpws"
        WiMAX-PDFID = 1
        MS-CHAP2-Success =
0x1f533d38324436443835383335433145344237364441413938463137364443453038334643
374646363245
        MS-MPPE-Recv-Key = 0xaaa52b27b269158aa25a2c3c36612ec4
        MS-MPPE-Send-Key = 0xfd2e2270200bf84a3c9e34afe8eed5c1
        MS-MPPE-Encryption-Policy = Encryption-Allowed
        MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
(3495) [ttls] Got tunneled Access-Accept

Which would suggest that I am sending those TLV's in a radius packet.
However, I ran Wireshark and do not see these TLV's in any radius packet.
What would stop freeradius from creating these TLV's in the packet.  I am
thinking my dictionary.wimax additions are to blame or perhaps I need to use
different operators.  Any thoughts would be greatly appreciated.

David

-----Original Message-----
From:
freeradius-users-bounces+david.peterson=acc-corp.net at lists.freeradius.org
[mailto:freeradius-users-bounces+david.peterson=acc-corp.net at lists.freeradiu
s.org] On Behalf Of David Peterson
Sent: Friday, March 11, 2011 11:55 AM
To: 'FreeRadius users mailing list'
Subject: RE: Access Accept vs Tunneled reply

I am wondering if it's a misconfiguration of a group reply.  I have those
attributes listed as a group-reply.  Would putting the attributes in the
normal vs the group reply put them in a different portion of the response?

David

-----Original Message-----
From:
freeradius-users-bounces+david.peterson=acc-corp.net at lists.freeradius.or
freeradius-users-bounces+g
[mailto:freeradius-users-bounces+david.peterson=acc-corp.net at lists.freeradiu
s.org] On Behalf Of Alexander Clouter
Sent: Friday, March 11, 2011 10:28 AM
To: freeradius-users at lists.freeradius.org
Subject: Re: Access Accept vs Tunneled reply

David Peterson <davidp at wirelessconnections.net> wrote:
>
> These values are unique per user.  Is there an elegant way to copy 
> this to the post-auth section?
>
The following might help?

http://lists.freeradius.org/mailman/htdig/freeradius-users/2011-January/msg0
0353.html

Cheers

--
Alexander Clouter
.sigmonster says: What garlic is to food, insanity is to art.

-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html

-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list