anonymous user when proxying

Olivier Beytrison olivier at
Wed Feb 13 15:52:36 CET 2013

On 13.02.2013 15:46, Hocine M wrote:
> Hi,
> Some user who are proxied (eduroam) are acconted with username =
> anonymous at realm
> I don't want to have  anonymous user in my database, do i have to reject
> anonymous users in post-proxy section or there is something to do to
> force user to use inner identity?

If this is a remote user connected within your institution, and the home
radius does NOT copy the inner identity to the outer tunnel, then you
won't be able to know the real username of the user.

You *could* reject users with an outer identity of anonymous at realm or
just @realm, but you would not be eduroam-compliant anymore.

for ref :
second section, Anonymous outer identites


 Olivier Beytrison
 Network & Security Engineer, HES-SO Fribourg
 Mobile: +41 (0)78 619 73 53
 Mail: olivier at

More information about the Freeradius-Users mailing list