Any interoperability issues with Aruba and Freeradius

Alex Sharaz alex.sharaz at
Fri Feb 8 18:32:05 CET 2013

> * there is one problem that FreeRADIUS doesn't return the inner ID into the outer one when using EAP-TTLS (but does when using EAP-PEAP), but this is nothing Aruba-specific and probably a configuration error in FreeRADIUS on our part.

I've got a strange thing here as well. In the inner-tunnel config there's a commented option that says uncomment this if you want to pass back the inner user-name attribute to the outer level. I uncommented this on my 2.2 server and tested that things worked o.k. using windoze, os/x and iOS clients manually configured. I then used the test utility from wpa-supplicant to try different combinations of inner/outer user-names and that worked as well. Imagine my surprise when I connected with  my iPhone which was configured using our XpressConnect setup which failed telling me that i had an identity mismatch. When I commented out the config option again, my iPhone started working again.

Interestingly enough even without the commented config, the User-Name appears in the outgoing Access-Accept packet. Haven't looked to see why yet, got other issues.


More information about the Freeradius-Users mailing list