Franks Andy (RLZ) IT Systems Engineer wrote: > My FR version is 2.1.10+dfsg-3build2_amd64. Unless there’s a nice > package for Ubuntu 12.04 server then I’ll be compiling from source then > I think.
Yes. Upgrading would be good. > so yes, the “use_tunneled reply” bit is there. Is that what’s causing > the copying of attributes from within the tunnel to fail, or is that > setting what it’s supposed to be? The "use_tunneled_reply" configuration only works for Access-Accept. > I’m still getting my head around the > eap thing – like for example why I need authorization and authentication > settings in the inner-tunnel virtual server for eap again – my intuition > would tell me that the inner eap just needs mschap in there if that’s > the protocol inside the tunnel, but then perhaps it’s something to do > with the “protection” bit of peap that means it’s a “tunnel within a > tunnel” or something. Like I said still getting my head around it all. You need "eap" in the inner-tunnel because PEAP sends EAP in the inner-tunnel. > I’d still like to get the attributes copying from the inner to outer > tunnels regardless of the fix in 2.2. It’s gnawing at me a bit. Well... if you want a feature from a later version of the server, upgrade. You can't magically create a feature without code changes. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html