strauf at rz.tu-clausthal.de
Thu Feb 25 14:51:03 CET 2016
>Yes, I introduced a new attribute Inner-User-Name and I am setting a
>value in the inner tunnel server. However, this does not get saved to
>the SSL/TLS cache so when there is an authentication for a resumed
>session, we can't access that attribute.
>I'm trying to figure out how to cache other stuff with the TLS
>attributes that can be pulled back later on.
Do you receive the inner User-Name in accounting packets (e. g. because you copied it with the "session-state" mechanism into the Access-Accept reply)? If so, you can do CoA without any caching because the NAS sends the correct username in accounting packets anyhow. You can work with those User-Names in the accounting section and hence to CoA there. Would that work for you?
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 2172 bytes
Desc: not available
More information about the Freeradius-Users