Le 13/02/2013 17:09, [email protected] a écrit :
Hi,Some user who are proxied (eduroam) are acconted with username = anonymous@realm I don't want to have anonymous user in my database, do i have to reject anonymous users in post-proxy section or there is something to do to force user to use inner identity?anonymous outer identities are perfectly legal and valid in 802.1X environments with remote proxying - eg eduroam. if you block/reject suers who have an anonymous outerID then you are in violation of eduroam rules . users with JUST @realm as their outerID are also 100% valid (!) you need to investigate CUI (Chargeable-User-Identity) as thats EXACTLY what that attribute is for - to identify users based on something other than their outerID or Calling-Station-Id (both of which they can change!). alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Ok, i'll try to set up CUI . thank for all, - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
