Outer vs. inner ID in Login OK messages
Alan DeKok
aland at deployingradius.com
Wed Jan 23 17:40:46 CET 2019
On Jan 23, 2019, at 11:30 AM, Martin Pauly <pauly at hrz.uni-marburg.de> wrote:
>
> Am 23.01.19 um 16:27 schrieb Alan DeKok:
>> The server should log what the client sends. The debug log you posted doesn't include that. So maybe the client*is* sending "pauly1" for the outer ID.
>
> No, it sends "eduroam at staff.uni-marburg.de".
> (At least I tell the client to so, and it successfully triggers my cert processing fork.)
>
> Here are the full debug logs (sorry not the same devices, but the effect is consistent across several client platforms).
Hmm.. when I try it with the v3.0.x head, I get:
(6) Login OK: [bob] (from client localhost port 0 via TLS tunnel)
(6) Login OK: [anonymous] (from client localhost port 0 cli 02-00-00-00-00-01)
Maybe try that? I don't recall specifically if anything changed in the source, but it might have.
Alan DeKok.
More information about the Freeradius-Users
mailing list