seems all i have to do is set: use_tunneled_reply = yes in eap.conf for ttls and peap modules. is that correct?
bz On Wed, 2007-03-07 at 16:23 -0500, Zeli Kartzman wrote: > >Message: 2 > >Date: Wed, 07 Mar 2007 14:28:07 +0100 > >From: Alan DeKok <[EMAIL PROTECTED]> > >Subject: Re: wrong user name is stored in mysql radacct table > >To: FreeRadius users mailing list > > <freeradius-users@lists.freeradius.org> > >Message-ID: <[EMAIL PROTECTED]> > >Content-Type: text/plain; charset=ISO-8859-1 > > > >Zeli Kartzman wrote: > >> so what you're saying is that effectively a user can get around the > >> simultaneous user limit and login as many times as they want -- all > >>they > >> have to do is type a new outside identity each time and as long as > >>the > >> tunneled PEAP identity is correct they will be allowed to login? > > > > If you configure it that way, yes. > > > > The server *can* be configured to enforce simultaneous login limits > >no > >matter what the users type into the outer session. The docs don't > >describe how to do this, but they DO describe how to tie the inner & > >outer sessions together, and also how to enforce simultaneous login. > > > > can you give me a pointer to which docs to look at? thanks > > bz - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html