Hello,
I want to provide the possibility of anonymouse EAP, with inner
User-name and password.
If you already successfully used outer = inner identity and it worked, you
don't need to change anything. the eap module doesn't care about the
User-Name of the outer request, just try it out.
The inner request will magically show up after the tunnel has
been decoded. It
is a new request, and will have its own User-Name attribute.
Could you be mores specific as:
* when did this feature appear ?
* how does this differ from previous versions ?
Indeed, I found out that with the
Stefan Winter wrote:
Hello,
I want to provide the possibility of anonymouse EAP, with inner
User-name and password.
If you already successfully used outer = inner identity and it worked, you
don't need to change anything. the eap module doesn't care about the
User-Name of the
Thibault Le Meur [EMAIL PROTECTED] wrote:
Indeed, I found out that with the latest release of FR, the debug isn't the
same: previously (FR 1.0.1), I was able to read the Tunneled inner-request
and attributes (with inner user name and password...) and the complete
process of this 'new request'
Hello,
Am Freitag, 17. November 2006 12:56 schrieb Thibault Le Meur:
The inner request will magically show up after the tunnel has
been decoded. It
is a new request, and will have its own User-Name attribute.
Could you be mores specific as:
* when did this feature appear ?
* how does
Hi Florian,
If you already successfully used outer = inner identity and it worked,
you don't need to change anything. the eap module doesn't care about the
User-Name of the outer request, just try it out.
Hm, but I want to use anonymus as the outer username ( for eap) and
my real
Thibault Le Meur [EMAIL PROTECTED] wrote:
Indeed, I found out that with the latest release of FR, the debug
isn't the
same: previously (FR 1.0.1), I was able to read the
Tunneled inner-request
and attributes (with inner user name and password...) and
the complete
process of this
Stefan Winter [EMAIL PROTECTED] wrote:
as before. The only thing that changed is that the new, inner request isn't
printed in -X. But it's still there.
Hmm... that should be fixed.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
And, lastly, did you set copy_request_to_tunnel in eap.conf?
Don't, because
then your real inner user name gets overwritten by the outer one.
Strange... I've set copy_request_to_tunnel and I haven't seen my inner
User-Name be overwritten !
Are you sure it would overwrite the inner User-Name
Thibault Le Meur [EMAIL PROTECTED] wrote:
Strange... I've set copy_request_to_tunnel and I haven't seen my inner
User-Name be overwritten !
Doing that would be wrong. FreeRADIUS doesn't do that.
And, lastly, did you set copy_request_to_tunnel in eap.conf?
Don't, because
then your
Thibault Le Meur [EMAIL PROTECTED] wrote:
Strange... I've set copy_request_to_tunnel and I haven't seen my inner
User-Name be overwritten !
Doing that would be wrong. FreeRADIUS doesn't do that.
I know, It would have broken my setup ;-)
And, lastly, did you set
Thibault Le Meur [EMAIL PROTECTED] wrote:
Ok, so I had correctly interpreted this copy_request_to_tunnel option.
Thus I thin the previous debug output showing th decoded inner request
was better to troubleshoot tunneled authentication schemes.
The weird thing is that the code hasn't
12 matches
Mail list logo