Re: Attribute NOT being returned in access-accept ?

James J J Hooper Wed, 30 Mar 2011 15:13:56 -0700

On 30/03/2011 22:59, Robert Roll wrote:


   Freeradius Version 2.1.10


  I'm trying to return a vendor attribute, but I don't seem to be seeing it in 
the access-accept ?
I am  inner tunneling to Peap, and you can see the attribute is there...

     Airespace-Interface-Name = "wifi-chem-uconnect"

but I'm not seeing it in the packet from eapol and I'm also seeing it in the 
final
Access-Accept  sent from freeradius ?

Sending Access-Accept of id 10 to 155.97.142.192 port 52965
        MS-MPPE-Recv-Key = 
0x0e6bf137da352024fe32478d9b9c2cdabbba6a94f9e185e16ce5601b8e4a8328
        MS-MPPE-Send-Key = 
0x99880b1843e321c484ceeb0ed19f55e2bbfa769f68e8783615beb220b13bb761
        EAP-Message = 0x030a0004
        Message-Authenticator = 0x00000000000000000000000000000000
        User-Name = "whatever"

------------ From Peap -----------------------------------

[peap] Got tunneled reply RADIUS code 2
        Airespace-Interface-Name = "wifi-chem-uconnect"
        MS-MPPE-Encryption-Policy = 0x00000001
        MS-MPPE-Encryption-Types = 0x00000006
        MS-MPPE-Send-Key = 0x7aa77766e328dcdf3e38555995889912
        MS-MPPE-Recv-Key = 0x6af45f9c8437843caf8d2c2ea1f7d7d2
        EAP-Message = 0x03090004
        Message-Authenticator = 0x00000000000000000000000000000000
        User-Name = "tstRad9"
[peap] Tunneled authentication was successful.


Set use_tunnelled_reply to yes in eap.conf:

https://github.com/alandekok/freeradius-server/blob/14f534aa405cf0063bb10f4bc36493721e054246/raddb/eap.conf#L471

(also line 570 - once for TTLS, once for PEAP)

-James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Attribute NOT being returned in access-accept ?

Reply via email to