Adding attribute to Access-Accept message
Matthew Newton
mcn at freeradius.org
Thu Oct 5 11:21:58 UTC 2023
On 05/10/2023 11:09, Anders Sørensen wrote:
> This works, but getting the SMS fails, since the firewall is looking for the attribute “mobile” in the response from the radius server.
What attribute? RADIUS attributes are defined by numbers, the dictionary
converts the numbers to names to make it easier for humans.
> The solution, I thought, was adding the attribute in the post-auth area in my default site file.
>
> update {
> &reply:User-Name := 'Hej'
> &reply:mobile := 'Trala'
> }
Potentially, yes. But...
> I have also added the “mobile” attribute to the “Dictionary” file:
>
> ATTRIBUTE mobile 3000 string
No. That file says that numbers in the range 3000+ are internal use
only. They will never get onto the wire.
You need to look in the firewall documentation to find out exactly what
attribute it wants, and not just make one up yourself.
It's pretty likely that the attribute is already defined in the
FreeRADIUS dictionaries, in which case just use that.
Only if the attribute is not defined will you need to edit the
dictionary file and add it yourself.
> What am I missing? It's probably something obvious, but I’ve gone through so many files, that by now I have probably confused myself.
Read the firewall documentation and find out what attribute it wants,
then set that attribute as you have done above.
--
Matthew
More information about the Freeradius-Users
mailing list