Hi, > copy_request_to_tunnel = yes > > As mentioned earlier, I am assigning a standard RADIUS attribute, but the > value I'm passing to it is not there when I call it, which is in the > post_auth of the outer virtual server.. I figured it made sense to put it > there, since I call the LDAP module in the authroize section of the outer > virtual server. Should this be done in the inner-tunnel? I guess I'll > give that a try too...
why call LDAP in the outerid for EAP- surely call it in the inner-tunnel instead (and put some protection around it so that its only called when needed - right now, if you look, you'll see your LDAP whacked all over the place during requests coming through - at least 3x more queries to the LDAP than you need.) alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
