Any interoperability issues with Aruba and Freeradius
alex.sharaz at york.ac.uk
Fri Feb 8 18:32:05 CET 2013
> * there is one problem that FreeRADIUS doesn't return the inner ID into the outer one when using EAP-TTLS (but does when using EAP-PEAP), but this is nothing Aruba-specific and probably a configuration error in FreeRADIUS on our part.
I've got a strange thing here as well. In the inner-tunnel config there's a commented option that says uncomment this if you want to pass back the inner user-name attribute to the outer level. I uncommented this on my 2.2 server and tested that things worked o.k. using windoze, os/x and iOS clients manually configured. I then used the test utility from wpa-supplicant to try different combinations of inner/outer user-names and that worked as well. Imagine my surprise when I connected with my iPhone which was configured using our XpressConnect setup which failed telling me that i had an identity mismatch. When I commented out the config option again, my iPhone started working again.
Interestingly enough even without the commented config, the User-Name appears in the outgoing Access-Accept packet. Haven't looked to see why yet, got other issues.
More information about the Freeradius-Users