Reply attribute in access-accept while doing eap-mschapv2
free.aaa
free.aaa at gmail.com
Fri May 23 13:27:39 CEST 2014
Hi Alan,
> radiusd -X
Here it is the output starting with eap module:
(3) # Executing group from file /usr/local/etc/raddb/sites-enabled/default
(3) authenticate {
(3) eap : Expiring EAP session with state 0x5a52ce915851d4f0
(3) eap : Finished EAP session with state 0x5a52ce915851d4f0
(3) eap : Previous EAP request found for state 0x5a52ce915851d4f0,
released from the list
(3) eap : Peer sent MSCHAPv2 (26)
(3) eap : EAP MSCHAPv2 (26)
(3) eap : Calling eap_mschapv2 to process EAP data
(3) eap : Freeing handler
(3) [eap] = ok
(3) } # authenticate = ok
(3) # Executing section post-auth from file
/usr/local/etc/raddb/sites-enabled/default
(3) post-auth {
(3) switch &Huntgroup-Name {
(3) case hVPN {
(3) *update reply {**
**(3) EXPAND %{Class}**
**(3) -->**
**(3) Class = 0x*
(3) } # update reply = noop
(3) } # case hVPN = noop
(3) } # switch &Huntgroup-Name = noop
(3) sql : EXPAND .query
(3) sql : --> .query
(3) sql : Using query template 'query'
rlm_sql (sql): Reserved connection (4)
(3) sql : EXPAND %{User-Name}
(3) sql : --> alex
(3) sql : SQL-User-Name set to 'alex'
(3) sql : EXPAND INSERT INTO radpostauth (username, pass, reply,
authdate) VALUES ( '%{SQL-User-Name}',
'%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S')
(3) sql : --> INSERT INTO radpostauth (username, pass, reply,
authdate) VALUES ( 'alex', '', 'Access-Accept', '2014-05-23 19:18:39')
rlm_sql (sql): Executing query: 'INSERT INTO radpostauth (username,
pass, reply, authdate) VALUES ( 'alex', '', 'Access-Accept', '2014-05-23
19:18:39')'
rlm_sql (sql): Released connection (4)
(3) [sql] = ok
(3) [exec] = noop
(3) remove_reply_message_if_eap remove_reply_message_if_eap {
(3) if (reply:EAP-Message && reply:Reply-Message)
(3) if (reply:EAP-Message && reply:Reply-Message) -> FALSE
(3) else else {
(3) [noop] = noop
(3) } # else else = noop
(3) } # remove_reply_message_if_eap remove_reply_message_if_eap = noop
(3) } # post-auth = ok
Sending Access-Accept Id 35 from 192.168.10.191:1812 to 192.168.10.201:37584
MS-MPPE-Encryption-Policy = Encryption-Allowed
MS-MPPE-Encryption-Types = RC4-40or128-bit-Allowed
MS-MPPE-Send-Key = 0xf8d37a9bb5a0ba0255cdf0b35460fedb
MS-MPPE-Recv-Key = 0xe07010b108e1d452513af46337a818aa
EAP-Message = 0x03030004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = 'alex'
*Class = 0x*
(3) Finished request
This is a result when I do:
post-auth {
update reply {
Class = "%{Class}"
}
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140523/c91138bd/attachment.html>
More information about the Freeradius-Users
mailing list