How to see username from inner tunnel

Brian C. Huffman bhuffman at etinternational.com
Mon Nov 3 15:24:31 CET 2014 

I found this in the inner-tunnel config:
         update outer.reply {
                 User-Name = "%{request:User-Name}"
         }

Reading the description, it sounds like it should do what I want. It was 
commented out, so I uncommented it and restarted radiusd. However it 
still doesn't seem to affect the user I see in radlast or in the 
accounting packets in the detail log.

What am I doing wrong?

Thanks,
Brian

On 10/30/2014 03:56 PM, Brian C. Huffman wrote:
> All,
>
> So I've got a wireless NAS doing WPA/Enterprise (PEAP).  It's working, 
> but now I'm looking at the accounting.  Users on this list explained 
> the difference between the outer ID and inner ID and I believe I have 
> it working correctly.
>
> However for logging purposes, I can't seem to find anywhere that the 
> inner ID is logged.  I tested this by connecting from my phone 
> (Android) and specified a username and an "anonymous" username of 
> "blah".  I'm assuming that when I put something in "anonymous", that's 
> what shows up in the outer ID.
>
> At any rate, it goes through the authentication and even the LDAP 
> group check so I figure it must be getting my real username somewhere, 
> but when I look in the accounting logs, I don't see it:
> [root at auth01 radius]# radlast
> blah     000:unifi-ap                  Thu Oct 30 15:38 - 15:45 (00:06)
>
> from detail-20141030:
> <snip>
> Thu Oct 30 15:38:46 2014
>         Acct-Session-Id = "54526229-00000019"
>         Acct-Status-Type = Start
>         Acct-Authentic = RADIUS
>         User-Name = "blah"
>         NAS-IP-Address = 192.168.40.23
>         NAS-Identifier = "dc9fdb924033"
>         NAS-Port = 0
>         Called-Station-Id = "C2-9F-DB-93-40-33:ETI-I"
>         Calling-Station-Id = "F8-F1-B6-39-99-69"
>         NAS-Port-Type = Wireless-802.11
>         Connect-Info = "CONNECT 0Mbps 802.11b"
>         Acct-Unique-Session-Id = "ca2f16affb23b969"
>         Timestamp = 1414697926
> <snip>
>
> blah is NOT my real username....but that's what I'm seeing logged.
>
> Is there any way to see the real username?
>
> Thanks,
> Brian
>
> -
> List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list