Not able to receive inner identity in Access-Accept in EAP-TTLS.
Stefan Paetow
Stefan.Paetow at ja.net
Fri Aug 29 10:45:06 CEST 2014
Ok Axel,
What's so "disturbing" about the comment?
Stefan
-----Original Message-----
From: freeradius-users-bounces+stefan.paetow=ja.net at lists.freeradius.org [mailto:freeradius-users-bounces+stefan.paetow=ja.net at lists.freeradius.org] On Behalf Of Axel Luttgens
Sent: 28 August 2014 23:19
To: FreeRadius users mailing list
Subject: Re: Not able to receive inner identity in Access-Accept in EAP-TTLS.
Le 28 août 2014 à 21:37, Alan DeKok a écrit :
> [...]
> That's what I said. Don't update the outer reply. Update the inner
> reply.
Hello Alan,
Sorry for not having been able to read between the lines...
> Then, "use_tunneled_reply" should copy the inner reply to the outer
> reply.
... but then, yes, with:
use_tunneled_reply = yes
in eap's config and:
update reply {
User-Name = "%{request:User-Name}"
}
at the end of inner tunnel's post-auth section, everything seems to be working as expected.
If I may allow... the comment (suggestion) in raddb/sites-available/inner-tunnel is terribly disturbing:
# If you still want to use the inner tunnel User-Name then
# uncomment the section below, otherwise you may want
# to use Chargeable-User-Identity attribute from RFC 4372.
# See further on.
#update outer.reply {
# User-Name = "%{request:User-Name}"
#}
Thanks again,
Axel
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Janet(UK) is a trading name of Jisc Collections and Janet Limited, a
not-for-profit company which is registered in England under No. 2881024
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238
More information about the Freeradius-Users
mailing list