Hello.
I'm puzzled about eap ttls accounting, namely with interim-updates.
My setup: freeradius 2.1.10 on debian squeeze, mikrotik RouterOs version
3.13 as NAS.
On the NAS I enabled eap accounting; on the freeradius I set
copy_request_to_tunnel = yes
use_tunneled_reply = yes
update outer.reply {
User-Name = "%{request:User-Name}"
}
If I look at replay-detail I found
Fri Feb 18 09:46:53 2011
Packet-Type = Access-Accept
User-Name = "cecchinip@esf"
MS-MPPE-Recv-Key = 0x86 etc etc
But when inspecting interim-updates ..
Fri Feb 18 10:03:53 2011
Service-Type = Framed-User
NAS-Port-Id = "wlan2"
User-Name = "anonymous"
Acct-Session-Id = "82b00004"
Acct-Multi-Session-Id = "bla bla ... "
Acct-Authentic = RADIUS
Acct-Status-Type = Interim-Update
Acct-Session-Time = 1020
Acct-Input-Octets = 4117
Acct-Input-Gigawords = 0
Acct-Input-Packets = 27
Acct-Output-Octets = 2515
Acct-Output-Gigawords = 0
Acct-Output-Packets = 63
NAS-Identifier = "EduroamTest"
NAS-IP-Address = *************
Acct-Delay-Time = 0
Acct-Unique-Session-Id = "bed886a60e348ed6"
Timestamp = 1298019833
Request-Authenticator = Verified
Looks like the radius honours the request to send out the inner
identity, but the nas get rid of and continue to use 'anonymous'.
It's that, is a NAS's problem or maybe could be something I
misconfigured on freeradius ?
Any hint? And thanks in advance.
Paolo.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html