Hi. I have WIFI network based on Cisco Aironet 1130 with WPA/TKIP - EAP-PEAP. Radius server is freeradius (just upgraded to 1.1.7) with mysql backend (users,accounting). Everything worked fine for maybe 2 years. Just atm i have a new problem.
Some APs got new IOS and i noticed that now is not sending User-Name like [EMAIL PROTECTED] but is sending MAC address as Username. This "MAC address" username i got also as system enviroment variables. On other APs with old IOS i got also problem. Some users got some new software for connecting to the network(suplicant) where they can set some "fake" outer username. Ofc users can authenticate against radius without problems. I think its because inner authentication variables (MS-CHAPv2 login name?) which freeradus use for authentication. So it looks like (for me) that AP is sending "outer" information for accounting. Maybe there is some option howto force AP to show inner username ? Back to MYSQL. Mysql atm is logging "fake usernames" or MAC addresses as UserName into radacc table. BUT mysql is logging correct username (inner) into radpostauth. Any chance howto solve this problem ? I want to log username like for radpostauth. Also want this username as system enviroment variable so i can make some start/stop scripts where i can use it. I noticed that TTLS has some options in eap.conf about tunneled-reply or variables. But i have dozen of users(usually students) which have only XP/Vista with PEAP plugin. Cannot force them to install TTLS (if TTLS will works). Tyvm for help. S pozdravom -- Bc. Jan 'EIS' Satko Slovak University of Agriculture network & system manager Tr. A. Hlinku 2 Tel: +421 37 7412 616 949 76 Nitra Slovakia - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html