post-auth not being entered in inner-tunnel

Alex Sharaz alex.sharaz at york.ac.uk
Wed Mar 13 12:46:39 CET 2013


Hi,

I've got a number of FR 2.2.0 servers that invoke sql_log in the inner-tunnel post-auth in order to write user-name  some other attributes into a back end mysql database server  and it all works. If I've got non-eap requests coming in , the "default" site deals with it. If I've got eap-based requests coming in the inner-tunnel deals with them. About a week ago I downloaded the latest 2.2 code from git.freeradius, built that and upgraded one of my FR2.2 servers. Since then  I can't see an invocation of post-auth within the inner-tunnel. I can see it for the "default" site but not the inner-tunnel. Everything else seems to work but not that. Same hardware platform, same config files just different  FR code.

I've generated two radius -X dumps, vsn220.log and vsn221.log on my test server. The only raw client accessing this server is the switch my mac is sitting on  configured to do macauth and 802.1x on my ethernet port. By simply disconnecting and reconnecting my mac I've generated a macauth followed by an 802.1x auth. In both files you can see post-auth being invoked for the default site. but only the vsn220.log file has a corresponding post-auth for the inner-tunnel.

It may be  that there's something else I've configured wrong that is only showing up in van 2.2.1 (ish). Should I be sending these traces to the free radius list or is there another address I can email them to
Rgds
Alex



More information about the Freeradius-Users mailing list