How to retain Module-Failure-Message from inner-tunnel when using PEAP
Peter Steadman
psteadman at warwickshire.ac.uk
Thu Jan 3 16:26:05 CET 2019
Hi Alan
FreeRADIUS Version 3.0.17
I think it is more about my lack of understanding.........I am working on
it but really struggling with this problem!
I understand what is going wrong just struggling to fix it.
regards
Pete
On Thu, 3 Jan 2019 at 15:04, Alan Buxey <alan.buxey at gmail.com> wrote:
> hi,
>
> what version is your server? often you will get or read suggestions that
> would be for the later version...or sometimes hideously old advice that
> only worked on a v2.x box! ;-)
>
> alan
>
> On Thu, 3 Jan 2019 at 14:37, Peter Steadman <psteadman at warwickshire.ac.uk>
> wrote:
>
> > Hello
> > I am struggling to extract the inner-tunnel reject message to linelog and
> > should be grateful for some help please.
> > Instead of getting;
> >
> > Module-Failure-Message := "Rejected: User-Name contains whitespace"
> >
> > the cached message it is being replaced in the final eap exchange by;
> >
> > The users session was previously rejected: returning reject (again.)
> >
> > I did find this post;
> >
> >
> http://lists.freeradius.org/pipermail/freeradius-users/2014-December/074957.html
> > which is exactly my issue helpfully with a solution, but unfortunately I
> > seem to be struggling to apply the solution.
> >
> > - in inner-tunnel, post-auth-type Reject, do:
> >
> > update outer.session-state {
> > Module-Failure-Message := &request:Module-Failure-Message
> > }
> >
> >
> > This seems to work ok but when I try applying the second part;
> >
> > And then in the “default” virtual server, post-auth section, you can
> use:
> >
> > %{%{session-state:Module-Failure-Message}:-%{Module-Failure-Message}}
> >
> > I just get the error "Missing attribute value" when trying to start the
> > server which leads me to suspect that I am not putting this in right
> place
> > or formatting it incorrectly.
> > Could someone please give me an example of this
> > "%{%{session-state:Module-Failure-Message}:-%{Module-Failure-Message}}"
> > in the context of the post-auth section.
> > many thanks
> > Pete
> >
> > --
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > <https://twitter.com/warwickshirecol>
> > <https://www.facebook.com/WarwickshireCollege>
> > <https://www.linkedin.com/edu/warwickshire-college-group-355076>
> > <https://www.instagram.com/warwickshirecol/>
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > College Email
> > Disclaimer
> >
> >
> > This message and any files transmitted with it is intended for
> > the addressee only and may contain information that is confidential or
> > privileged.
> >
> >
> > Unauthorised use is strictly prohibited and may be unlawful.
> > If you are not the addressee, you should not read, copy, disclose or
> > otherwise use this message, otherwise than to notify the College via
> > postmaster at warkscol.ac.uk <mailto:postmaster at warkscol.ac.uk>. You should
> > delete this message and any files transmitted with it from your computer
> > and destroy any copies made.
> >
> >
> > Warwickshire College gives no warranty or
> > representation as to the accuracy or reliability of the message and files
> > and does not necessarily endorse any opinions expressed within it.
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
--
Peter Steadman
IT Services
Warwickshire Colleges
(01926) 319027
psteadman at warwickshire.ac.uk
http://www.warwickshire.ac.uk/
--
<https://twitter.com/warwickshirecol>
<https://www.facebook.com/WarwickshireCollege>
<https://www.linkedin.com/edu/warwickshire-college-group-355076>
<https://www.instagram.com/warwickshirecol/>
College Email
Disclaimer
This message and any files transmitted with it is intended for
the addressee only and may contain information that is confidential or
privileged.
Unauthorised use is strictly prohibited and may be unlawful.
If you are not the addressee, you should not read, copy, disclose or
otherwise use this message, otherwise than to notify the College via
postmaster at warkscol.ac.uk <mailto:postmaster at warkscol.ac.uk>. You should
delete this message and any files transmitted with it from your computer
and destroy any copies made.
Warwickshire College gives no warranty or
representation as to the accuracy or reliability of the message and files
and does not necessarily endorse any opinions expressed within it.
More information about the Freeradius-Users
mailing list