Any interoperability issues with Aruba and Freeradius

A.L.M.Buxey at A.L.M.Buxey at
Fri Feb 8 18:59:12 CET 2013


> * there is one problem that FreeRADIUS doesn't return the inner ID into the outer one when using EAP-TTLS (but does when using EAP-PEAP), but this is nothing Aruba-specific and probably a configuration error in FreeRADIUS on our part.

stick something like this into your 'inner-tunnel" authorize section:

	#       Workaround for EAP-TTLS MsCHAPv2, not adding outer.reply attributes
	#       If we use both methods we get duplicate User-Name attributes.
	if(("%{outer.request:EAP-Type}" == 'EAP-TTLS') && ("%{control:Auth-Type}" == 'MSCHAP')) {
        	update reply {
                	User-Name := "%{User-Name}"


More information about the Freeradius-Users mailing list