PEAP Inner-tunnel can't match a user in the "users" file with some check attributes

Difan Zhao difan.zhao at guest-tek.com
Sat Nov 19 01:36:37 CET 2011


Hi gents,

I have an issue that whenever I have check attributes such as NAS-IP-Address or NAS-Port-Type, my PEAP fails... The same config works for MD5... I'm running FreeRADIUS Version 2.1.7.

--- users ---
"phone" User-Name =~ "phone", Cleartext-Password := "mykey", NAS-IP-Address == "10.143.115.14"
        Tunnel-Private-Group-Id := "654", Tunnel-Type := "VLAN", Tunnel-Medium-Type := "IEEE-802", Tunnel-Preference := "0"

All other configs are mostly default.

Everything works once I removed NAS-IP-Address == "10.143.115.14". However I do need to check against from which switch/NAS the request is coming from... It seems that those attributes are outside of the "tunnel". How can I copy them in the "tunnel" (does this make sense to you guys)?? My debug output is attached.

Thank you and have a good weekend!
Difan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20111119/a18090e4/attachment.html>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: radius -X.txt
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20111119/a18090e4/attachment.txt>


More information about the Freeradius-Users mailing list