Attribute NOT being returned in access-accept but is returned in Access-Challenge
Jake He
jake.he at gmail.com
Fri Jun 26 05:21:23 CEST 2015
Hi,
I have a problem where Attribute MT-Recv-Limit is returned in
Access-Challenge but not in Access-Accept.
This is my setup. FR 3.0.8
I have configured following in the eap.conf file in the ttls section :
copy_request_to_tunnel = yes
use_tunneled_reply = yes
virtual_server = "inner-tunnel"
/etc/freeradius/sites-available/inner-tunnel. post-auth block, uncommented.
update {
&outer.session-state: += &reply:
}
update outer.session-state {
MS-MPPE-Encryption-Policy !* ANY
MS-MPPE-Encryption-Types !* ANY
MS-MPPE-Send-Key !* ANY
MS-MPPE-Recv-Key !* ANY
Message-Authenticator !* ANY
EAP-Message !* ANY
Proxy-State !* ANY
}
I have a fixed radreply attribute Session-Timeout in the database. This is
sent in the Access-Accept.
MT-Recv-Limit is sent by a perl script
<https://raw.githubusercontent.com/zhex900/radius-config/master/version.3/mods-config/perl/check_usage.pl>.
This
script add a new radreply $RAD_REPLY{'Mikrotik-Recv-Limit'}. This is called
in the site-available/default authorize block.
Mikrotik-Recv-Limit does appear in the Access-Challenge but not in the
Access-Accept.
Any ideas?
Jake
More information about the Freeradius-Users
mailing list