MSCHAPv2 use_tunneling_reply problem
Scott Armitage
S.P.Armitage at lboro.ac.uk
Thu Oct 17 00:36:35 CEST 2013
On 16 Oct 2013, at 22:45, Tekán Dávid <tek.david at gmail.com> wrote:
> Hi all!
>
> I have a problem with users using the anonymous identity field during
> connecting.
> It turned out that for privacy reasons it is hidden outside of the
> tunnel. I found that by setting use_tunneling_reply to yes i can
> "transfer" the inner username outside of the tunnel, and the correct
> (not anonymous) username will appear in the accounting records. I've
> uncommented even the update outer.reply... part in the
> sites-enabled/inner-tunnel file. Unfortunatelly it does not work.
> Is there anything else, what i need to do to get it work? I use
> coovachilli for nas.
>
in inner-tunnel post-auth try:
#
# Copy inner id to reply so the NAS knows the real identity of who logged in
#
update reply {
User-Name := "%{request:User-Name}"
}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 203 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20131016/47f014c9/attachment.pgp>
More information about the Freeradius-Users
mailing list