-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arran Cudbard-Bell wrote:
> Alan DeKok wrote:
>> Jonathan Gazeley wrote:
>>> I'm running FreeRADIUS 2.1.1.
>>>
>>> My config block in the post-auth section of the inner-tunnel server
>>> currently reads:
>>>
>>>update outer.reply {
>>>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alan DeKok wrote:
> Jonathan Gazeley wrote:
>> I'm running FreeRADIUS 2.1.1.
>>
>> My config block in the post-auth section of the inner-tunnel server
>> currently reads:
>>
>>update outer.reply {
>>User-Name := "testing-%{User
Jonathan Gazeley wrote:
> I'm running FreeRADIUS 2.1.1.
>
> My config block in the post-auth section of the inner-tunnel server
> currently reads:
>
>update outer.reply {
>User-Name := "testing-%{User-Name}"
>}
>
>
> FR does indeed appear to be using this block:
Jonathan Gazeley wrote:
This is pretty much the config I had already. My eap.conf already
specifies a virtual inner server. The only difference was that I had
'use_tunneled_reply = no', so I changed that to 'yes'.
My inner virtual server, 'inner-tunnel' already had an 'update reply'
block ide
Arran Cudbard-Bell wrote:
> As far as i'm aware this has never worked,
Weird. I know I tested it before it went in.
I'll try to take a look at it before 2.1.4.
> Alan, If the last round of the EAP conversation didn't require data to
> be sent to the inner server the outer.User-Name attribut
Arran Cudbard-Bell wrote:
As far as i'm aware this has never worked, which is why I still return
attributes from the inner tunnel and get it that way.
eap {
peap {
use_tunneled_reply = yes
virtual_server = "local.user.inner"
}
}
server local.u
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jonathan Gazeley wrote:
> No - this is a completely standard FreeRADIUS configuration. Nothing
> relating to rewriting anything has been changed.
>
> In the debug log posted in one of my earlier messages, it appears the FR
> server sends an Access-Cha
No - this is a completely standard FreeRADIUS configuration. Nothing
relating to rewriting anything has been changed.
In the debug log posted in one of my earlier messages, it appears the FR
server sends an Access-Challenge packet from the inner server using my
statically set outer ID (testing
Jonathan Gazeley wrote:
> Sorry to 'bump' my previous post. I'm at a loss as to why FreeRADIUS
> expands the username as expected, but why this username never makes it
> back to the NAS. Does anyone have any ideas?
No idea... is there anything else that's over-writing the User-Name?
Alan DeKo
Sorry to 'bump' my previous post. I'm at a loss as to why FreeRADIUS
expands the username as expected, but why this username never makes it
back to the NAS. Does anyone have any ideas?
Thanks,
Jonathan
Jonathan Gazeley wrote:
I'm running FreeRADIUS 2.1.1.
My config block in the post-auth se
I'm running FreeRADIUS 2.1.1.
My config block in the post-auth section of the inner-tunnel server
currently reads:
update outer.reply {
User-Name := "testing-%{User-Name}"
}
FR does indeed appear to be using this block:
expand: testing-%{User-Name} -> testin
Jonathan Gazeley wrote:
> When added in the "inner-tunnel" server, this block has no effect on the
> content of the Access-Accept packets (as shown by radiusd -X).
Which version are you running? Is it *using* that entry you added?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www
Alan DeKok wrote:
Update the reply. In the "inner-tunnel" server, "post-auth"
section, add:
...
update outer.reply {
User-Name = "%{User-Name}"
}
...
When added in the "inner-tunnel" server, this block has no effect on the
content of the Access-Accept packets (a
Hello all,
Am Mittwoch, den 28.01.2009, 11:06 + schrieb Jonathan Gazeley:
> Alan DeKok wrote:
> >
> > Update the reply. In the "inner-tunnel" server, "post-auth" section, add:
> >
> > ...
> > update outer.reply {
> > User-Name = "%{User-Name}"
> > }
> > ...
> >
>> Update the reply. In the "inner-tunnel" server, "post-auth" section, add:
>>
>> ...
>> update outer.reply {
>> User-Name = "%{User-Name}"
>> }
>> ...
>>
>Done this, doesn't seem to work. I guess the NAS doesn't accept it.
>>
Post the debug. Lets see what name
Alan DeKok wrote:
Update the reply. In the "inner-tunnel" server, "post-auth" section, add:
...
update outer.reply {
User-Name = "%{User-Name}"
}
...
Done this, doesn't seem to work. I guess the NAS doesn't accept it.
Tell the NAS which
Jonathan Gazeley wrote:
> I have an existing FreeRadius setup for an 802.1x wireless network.
> Currently the accounting is done to a MySQL database. Presently, the
> username appearing in these records is the outer identity. I want to use
> the authenticated inner identity, such that I can rely on
* Jonathan Gazeley [Wed, 21 Jan 2009 09:55:04
+]:
>
> Thanks for your reply.
>
Not a problem.
> I've just got round to looking at your SQL statement - I take it you've
> had to edit your queries in dialup.conf to get it to insert some extra
> fields? If you wouldn't mind, could you post yo
Thanks for your reply.
I've just got round to looking at your SQL statement - I take it you've
had to edit your queries in dialup.conf to get it to insert some extra
fields? If you wouldn't mind, could you post your changes to the
query/queries?
Thanks a lot,
Jonathan
Alexander Clouter wro
Hi,
* Jonathan Gazeley [Thu, 15 Jan 2009 15:31:19
+]:
>
> I have an existing FreeRadius setup for an 802.1x wireless network.
> Currently the accounting is done to a MySQL database. Presently, the
> username appearing in these records is the outer identity. I want to use
> the authenticat
I have an existing FreeRadius setup for an 802.1x wireless network.
Currently the accounting is done to a MySQL database. Presently, the
username appearing in these records is the outer identity. I want to use
the authenticated inner identity, such that I can rely on my accounting
data e.g. for
21 matches
Mail list logo
