Auth-Type :- Reject in users file matches inner tunnel request but sends Access-Accept

Matthew Newton mcn4 at leicester.ac.uk
Wed Jun 13 12:33:56 CEST 2012


On Tue, Jun 12, 2012 at 03:21:22PM -0700, Michael Gorven wrote:
> On 12/06/2012 14:08 PDT, Alan DeKok wrote:
> >   Note that everything BUT the Reply-Message belongs on the first line
> > with the "DEFAULT".  The Reply-Message belongs on the second line.
> 
> *sigh*, moving the Auth-Type :- Reject to the first line fixed this. I
> thought that Auth-Type was a reply item and therefore went on the second
> line. Thank you for your assistance.

Rather than test FreeRADIUS-Proxied-To == "127.0.0.1", you might
also want to consider having a separate 'files' module instance
just for the inner tunnel instead. Then you won't be checking this
stuff for the anonymous user in the outer anyway.

Matthew


-- 
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>

Systems Architect (UNIX and Networks), Network Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>


More information about the Freeradius-Users mailing list