> "Thibault Le Meur" <[EMAIL PROTECTED]> wrote: > > Indeed, I found out that with the latest release of FR, the debug > > isn't the > > same: previously (FR 1.0.1), I was able to read the > Tunneled inner-request > > and attributes (with inner user name and password...) and > the complete > > process of this 'new request' and now I don't this. > > Read eap.conf, and look for "copy_request_to_tunnel"
Well... I already have this set to yes because I need to match outer attributes while processing the tunneled-request. My setup is working quite well, but I just think the "radiusd -X" debug log has changed a bit since I am not seeing the decoded inner request packet in it: I can only see a message "Proceeding to decode tunneled attributes" and then the authorize section is run without printing the decoded attributes of the tunneled request to the debug log. I get this: ------------- rlm_eap_ttls: Session established. Proceeding to decode tunneled attributes. Processing the authorize section of radiusd.conf modcall: entering group authorize for request 6 modcall[authorize]: module "preprocess" returns ok for request 6 modcall[authorize]: module "mschap" returns noop for request 6 modcall[authorize]: module "eap" returns noop for request 6 users: Matched entry DEFAULT at line 17 rlm_ldap: Entering ldap_groupcmp() ... ------------- I might be wrong but I think older versions were printing the decoded inner request with _something_like_ that: ------------- rlm_eap_ttls: Session established. Proceeding to decode tunneled attributes. ... Service-Type = Framed-User User-Name = "My-inner-Identity" User-Password = "My-PAP-Passwd" Framed-MTU = 1492 State = 0x50f69e12347f8a811f1334fa392048e Called-Station-Id = "00-01-52-44-55-85:MySSID" Calling-Station-Id = "00-52-44-55-F7-38" NAS-Identifier = "MyAP" NAS-Port-Type = Wireless-802.11 ... ------------- Regards, Thibault - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html