Not able to receive inner identity in Access-Accept in EAP-TTLS.

Axel Luttgens axel.luttgens at
Sun Aug 31 11:23:03 CEST 2014

Le 30 août 2014 à 18:28, Axel Luttgens a écrit :

> Le 30 août 2014 à 16:38, Alan DeKok a écrit :
>> Alan DeKok wrote:
>>> Unfortunately, that is how it works.  If you read the debug output,
>> I've updated the example inner-tunnel example,
> Yes, I noticed that this morning. :-)

More exactly, I only had seen the next to last change while writing the above.
But the current comment appears to be exactly the one I would have dreamed to write myself. ;-)

Perhaps could it be worth to enhance the description of use_tunneled_reply as well?
With the current comment, use_tunneled_reply could be understood as a way to convey the inner User-Name only; but, unless I'm wrong, any attribute, even a private one, is liable to be brought to the outer session.
Moreover, the mechanism activated by that setting probably deserves a better emphasis; in particular, I'm thinking at its protocol-awareness you have described in a previous message.


More information about the Freeradius-Users mailing list