Hi there, I'm doing testing in preparation to upgrade a server from 0.5 to 0.9.3, and I've run into an issue with Cisco's auth-proxy feature. Under 0.5, it's been working. Upon successful authentication, the radius server sends back the proper Cisco-AVpairs for a temporary ACL. I have a debug from the router and from the 0.5 radiusd at http://www.jpj.net/~benh/rad5.txt
Under 0.9.3, only the first AVPair is sent back. I'm not sure why. The radius users file is identical, and the config on the router is identical. the only variable seems to be the version of FreeRADIUS. I have a debug from the router and from the 0.9.3 radiusd at http://www.jpj.net/~benh/rad9.txt. Here's the users file in question: hunter1 Auth-Type := Local, Password == "student1" Cisco-AVPair = "auth-proxy:priv-lvl=15", Cisco-AVPair = "auth-proxy:proxyacl#1=deny ip any 192.168.0.0 0.0.0.255", Cisco-AVPair = "auth-proxy:proxyacl#2=permit ip any any" Leaving aside the question of why it's taken so long to upgrade this server, does anyone have any ideas? Thanks Ben -- Ben Hockenhull [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
