Check EAP Type in Unlang/Post Auth
Arnab Roy
arnabroy at mail.com
Thu Apr 27 00:21:37 CEST 2017
Hi Matthew,
I tried this
if(EAP-Type== "PEAP"){
update
reply {
Aruba-User-Role = "guest"
}
}
In both and inner and outer servers it never matches that rule. Any
further suggestions.
Cheers
Arnab
Sent: Wednesday, April 26, 2017 at 12:01 PM
From: "Matthew Newton" <mcn4 at leicester.ac.uk>
To: "FreeRadius users mailing list"
<freeradius-users at lists.freeradius.org>
Subject: Re: Check EAP Type in Unlang/Post Auth
On Wed, Apr 26, 2017 at 12:40:11PM +0200, Arnab Roy wrote:
> //This is my way of trying to explain the requirements not the real
> unlang syntax :)
> if(eap-type == "PEAP"){
>
> VSA:=Blah
>
> }
> elseif(eap-type=="TLS")
> {
> VSA:=Blah
> }
Something like
if (EAP-Type == "PEAP") {
# PEAP
update reply {
...
}
}
elsif (EAP-Type == "TLS") {
# EAP-TLS
update reply {
...
}
}
else {
# default case
update reply {
...
}
}
I can't remember offhand exactly where EAP-Type is available - you
may need to do it in the inner-tunnel and copy the attributes back
to the outer.
Matthew
--
Matthew Newton, Ph.D. <mcn4 at leicester.ac.uk>
Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United
Kingdom
For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
-
List info/subscribe/unsubscribe? See
[1]http://www.freeradius.org/list/users.html
References
1. http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list