What capacity does radtest have to display custom attributes
Mark Williams
markhw at vt.edu
Tue Jul 11 20:52:08 CEST 2017
dictionary.local ~~~
…
ATTRIBUTE Entitlement 3003 string
…
sites-enabled/default ~~~
…
update reply{
Entitlement := "vpn-remote-access"
Juniper-Ip-Pool-Name := "vpn-remote-access"
}
...
=======================
Mark Williams
markhw at vt.edu (2A83CAC8)
> On Jul 11, 2017, at 2:48 PM, Mark Williams <markhw at vt.edu> wrote:
>
> I’ve been experimenting with the server, trying to get it to return arbitrary custom attributes (defined in dictionary.local) to the Radius-reply. When I run radtest against the virtual-server I see the attributes being added and mentioned in the post-auth debug, but I never see the attribute on the client side of the radtest. Is radtest limited to only displaying officially defined attributes, or might I be doing something obviously ridiculous?
>
> Radius Debug ~~~
> 0) Sending Access-Accept packet to host 192.0.2.90 port 36843, id=194, length=0
> (0) Entitlement := 'vpn-library'
> (0) Juniper-Ip-Pool-Name := 'vpn-library'
> Sending Access-Accept Id 194 from 192.0.2.53:1828 to 192.0.2.90:36843
> Juniper-Ip-Pool-Name := 'vpn-library’
>
> Radtest Output ~~~
> Sending Access-Request Id 194 from 0.0.0.0:36843 to 192.0.2.53:1828
> User-Name = ‘glados'
> User-Password = ‘ilovecake'
> NAS-IP-Address = 192.0.2.90
> NAS-Port = 0
> Message-Authenticator = 0x00
> Received Access-Accept Id 194 from 192.0.2.53:1828 to 192.0.2.90:36843 length 39
> Juniper-Ip-Pool-Name = 'vpn-library'
>
> =======================
> Mark Williams
> markhw at vt.edu (2A83CAC8)
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20170711/ba58c2f4/attachment.sig>
More information about the Freeradius-Users
mailing list