Michael Bryant wrote: >> unlang? set a variable to the value of MS-CHAP-Error and then set the >> Reply-Message >> to be some text with that variable in it. >> > Unfortunately, this sends it back in the next packet, which is an > Access-Challenge, not in the final Access-Reject.
Sending Reply-Message in an Access-Reject is not permitted for EAP sessions. It is also not supported by any NAS. What you want to do is impossible. Even if you get FreeRADIUS to send a Reply-Message, it will get ignored by the NAS and the client PC. As a result, the message will do *nothing* useful. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
