Hi,
> * there is one problem that FreeRADIUS doesn't return the inner ID into the
> outer one when using EAP-TTLS (but does when using EAP-PEAP), but this is
> nothing Aruba-specific and probably a configuration error in FreeRADIUS on
> our part.
stick something like this into your 'inner-tunnel" authorize section:
# Workaround for EAP-TTLS MsCHAPv2, not adding outer.reply
attributes
# If we use both methods we get duplicate User-Name attributes.
#
if(("%{outer.request:EAP-Type}" == 'EAP-TTLS') &&
("%{control:Auth-Type}" == 'MSCHAP')) {
update reply {
User-Name := "%{User-Name}"
}
}
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
