AW: Additional reply attributes via eap-pwd possible?
denny.friebe at icera-network.de
denny.friebe at icera-network.de
Wed Jan 27 11:03:21 CET 2021
I have taken a closer look at my configuration. The setting
"use_tunneled_reply = yes" is not necessary as long as "if (1)" is
configured in the inner-tunnel configuration under post-auth. Am I right?
However, commenting out "use_tunneled_reply" under mods-enabled/eap
unfortunately did not bring any further change.
I am a little confused about the output of eap once the attributes have been
read from the database:
(2) eap_pwd: } # server inner-tunnel
(2) eap_pwd: Got tunneled reply code 0
(2) eap_pwd: LCS-TxRateLimit = 6000
(2) eap_pwd: LCS-RxRateLimit = 2000
(2) eap: Sending EAP Request (code 1) ID 41 length 102
(2) eap: EAP session adding &reply:State = 0x58f212fd59db2661
Is it correct that the EAP state is truncated here? The full EAP state
appears to be 0x58f212fd59db26614f0b717cc688911b:
(2) Sent Access-Challenge Id 222 from 10.15.1.36:1812 to 10.30.156.65:37368
length 0
(2) EAP-Message =
0x0129006634025fadaeff04481146b40220f1468f31bf13d8294433193d8537db173268433b
15d077dc47f6a540608fd41203c2f3b6c9a13f4ad48634ac66370345c31d7117b1f6597bdb0c
03f576a59f34b90678337e3f41dcd7cd9c67098aa2d30104f9477e
(2) Message-Authenticator = 0x00000000000000000000000000000000
(2) State = 0x58f212fd59db26614f0b717cc688911b
More information about the Freeradius-Users
mailing list