"Thibault Le Meur" <[EMAIL PROTECTED]> wrote: > Strange... I've set copy_request_to_tunnel and I haven't seen my inner > User-Name be overwritten !
Doing that would be wrong. FreeRADIUS doesn't do that. > > And, lastly, did you set copy_request_to_tunnel in eap.conf? > > Don't, because > > then your real inner user name gets overwritten by the outer one. No, absolutely not. That DOES NOT HAPPEN. > Another question: if you don't set copy_request_to_tunnel, could you still > have a rule in the users file matching the user's ldap group (for the users > in the inner request) and the Called-Station-Id (from outer request) ? You could match LDAP group, because the username is in the inner request. You can't match Called-Station-Id, because it's in the outer request. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
