On Tue, 13 Mar 2007 11:58:51 -0500 Alan DeKok <[EMAIL PROTECTED]> wrote: >Sam Schultz wrote: >> I'm currently using EAP-TTLS & PAP (via SecureW2) to authorize & >> authenticate wireless clients against specific realms. Users are >> able to authorize & authenticate properly, but the username in >> incoming accounting replies come in as 'anonymous@<realmname>'. > > You can set "User-Name" in the Access-Accept, and the NAS should > use that in Accounting-Requests. >
This should be solvable by adding something like 'User-Name = %{User-Name}' to the DEFAULT entries in the users file, correct? >> I had this spitting out proper accounting information before, >> and haven't changed any configuration options since putting it >> into production. The only conclusions I can come up with are: >> >> 1) The access points are buggy (3com OfficeConnects) > > No. > >> 2) FreeRADIUS doesn't keep track of connections properly -- >either >> because it doesn't bother to replace anonymous entries with >the >> previously seen identity for the given ID, or I haven't >> configured it to do so. > > No. > > The problem is that the supplicant is sending "[EMAIL PROTECTED]" as >the >User-Name. > > Alan DeKok. >-- > http://deployingradius.com - The web site of the book > http://deployingradius.com/blog/ - The blog >- >List info/subscribe/unsubscribe? See >http://www.freeradius.org/list/users.html -- Click for free info on online degrees and make $150K/ year http://tagline.hushmail.com/fc/CAaCXv1S7YhBAO0BOTJUnxxWHHvlnY0O/ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html