Sending Reply-Message in Access-Reject (PEAP/MSCHAPv2)
Phil Mayers
p.mayers at imperial.ac.uk
Tue May 24 17:11:41 CEST 2011
On 24/05/11 15:23, Martin Goldstone wrote:
> Yes, I have this in both the peap stanza and the ttls stanza. This
> seems to be fine when access is accepted, for example if I set a
> Reply-Message saying "Welcome" in the post-auth section of the
> inner-tunnel config, I see this in the final access-accept message.
> Also, the output from freeradius -X suggests that (in the case of a user
> rejection) it gets the reply from the tunnel and that tunneled
Ah, damn...
I've just remembered - the PEAP code doesn't save the attributes on
reject :o(
As you mentioned in your original email, the outer tunnel code doesn't
have any of the "useful" info so can only set a generic message.
More information about the Freeradius-Users
mailing list