Inner-Tunnel User-Name
Alan DeKok
aland at deployingradius.com
Wed Nov 27 15:33:49 CET 2013
Adam Bishop wrote:
> In the default inner-tunnel post-auth block there's a config block to inject the real username into the outer Access-Accept, however it doesn't seem to do that on FreeRADIUS 3/3.1:
>
> (6) post-auth {
> (6) update outer.reply {
> (6) eap_ttls : expand: "%{request:User-Name}" -> '@local.com'
> (6) eap_ttls : User-Name = "@local.com"
> (6) } # update outer.reply = noop
> (6) } # post-auth = noop
>
> My understanding is that %{request:User-Name} should have expanded to 'steve at local.com'.
>
> Am I misinterpreting what the block does, or is this a bug?
It's a bug. I've pushed a fix.
Alan DeKok.
More information about the Freeradius-Users
mailing list