newtownz wrote: > Hi, > > Thank your for your answer. > >> Just return User-Name in the reply and do a repeat LDAP query on your >> outer layer; doing a 'cn' lookup should be instantaneous... > > I'm a little puzzled on how to accomplish this!
In the "inner-tunnel" virtual server: authorize { ... update reply { User-Name = "foo" } ... } Also, be aware that EAP does multiple round trips. If you update "outer.control" in one packet, that value is *not* available to the next packet in the stream. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html