tunneled_reply vs outer.session-state
Alan DeKok
aland at deployingradius.com
Mon Apr 15 17:54:25 UTC 2024
On Apr 15, 2024, at 1:43 PM, Jack Carter <jack_carter94 at hotmail.com> wrote:
> Ok.. lets start again…
The link I posted documents what information we need in order to help you. It explicitly says do NOT post the configuration files. It also says to show the server receiving packets.
The message you posted didn't follow either recommendation.
> I am trying to remove the depreciated use_tunneled_reply in place of updating the outer.session-state but can’t seem to get it working. Users are not authorised after adjusting the config to the following… what am I missing?
Read the documentation and follow it.
> I am testing this with: radtest -t mschap test.user password 127.0.0.1:18120 0 testing123
Which doesn't test the process you're trying to debug. If you send packets directly to the inner tunnel, then there's no outer tunnel.
If you're doing to test inner/outer tunnel policies, then you have to send the server EAP traffic which will run both the inner and outer policies.
> Thanks in advance for any assistance you can provide.
I'm trying. It's not working well.
> Jack
>
> Output from freeradisu -X:
> ...
> Ready to process requests
And nothing about the server processing packets. How are you going to debug the server packet processing when the logs don't show it processing any packets?
Perhaps there's a documentation page you could follow which says exactly what to do.
If you're not going to read or follow the documentation, it will be very difficult to solve any configuration problems.
Alan DeKok.
More information about the Freeradius-Users
mailing list