Not able to receive inner identity in Access-Accept in EAP-TTLS.
Alan DeKok
aland at deployingradius.com
Sat Aug 30 18:56:49 CEST 2014
Axel Luttgens wrote:
> Could it be said that, as a general rule, the best approach for retrieving information from the inner tunnel is to make use of "use_tunneled_reply = yes"? Conversely, are there particular cases for which that approach won't work?
Yes.
> On the other hand, nothing coming for free, does "use_tunneled_reply = yes" significantly increase the load on the server, with perhaps the risk to use too much resources?
No.
> Finally, in the case of error (a non existing user, for instance), there seems to be no attempt to pass the saved attributes to the "Post-Auth-Type REJECT" section. Am I right?
Yes.
Alan DeKok.
More information about the Freeradius-Users
mailing list