On 20 Jul 2011, at 12:49, Alexander Clouter wrote: > Scott Armitage <s.p.armit...@lboro.ac.uk> wrote: >> >> I have noticed that when authenticating using TTLS/MSCHAPv2 that the >> outer-identity is used in the RADIUS reply packet even if the >> use_tunneled_reply is set to yes for TTLS in eap.conf >> >> Does anyone know the reason for this? >> > TLS session resumption?
I am, but have tested with it off and get the same result. > Also TTLS/MSCHAPv2 is possibly for you actually > TTLS/EAP-MSCHAPv2 which means you get in effect an inner-inner tunnel if > I remember correctly. > > Have a nosey at: > > http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg71026.html > Thanks, for the link. I could force the user-name in the reply, as suggested, with some rewriting of attributes. I was mostly just wondering why TTLS behaved in this way. Scott
PGP.sig
Description: This is a digitally signed message part
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html