FreeRADIUS does this by way of a "use-tunneled-reply" option in the PEAP module setup.
--Mike On Jun 1, 2006, at 5:27 PM, Julian Y. Koh wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1How are people handling accounting records for your 802.1X wireless networks? We're in the process of rolling out EAP-PEAP, and everything is fine in terms of our RADIUS accounting records from the APs as long as the users leave the "Outer Identity" field blank - we end up with their real usernames in the accounting records. However, as soon as they fill in anything for "Outer Identity" (Mac OS X) or "Roaming Identity" (Intel Wireless utility), that text is what ends up in our accounting records. Obviously this is suboptimal in terms of relying on our accounting records for true accountingof who was where on our network. Is there any way around this?FWIW, we're using Cisco 1200 APs with a WLSM/WLSE combo, Steel Belted RADIUStalking to an Active Directory back end. Thanks in advance! -----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.0.6 (Build 6060) Comment: <http://bt.ittns.northwestern.edu/julian/pgppubkey.html> iQA/AwUBRH9ptA5UB5zJHgFjEQKANgCcDrXkDHD7v+CDJmulrxHcTtVWSdsAn0sj GgvPA4nr9fM5cY5s0cNVuNly =TiAV -----END PGP SIGNATURE----- --Julian Y. Koh <mailto:[EMAIL PROTECTED]> Network Engineer <phone: 847-467-5780> Telecommunications and Network Services Northwestern University PGP Public Key:<http://bt.ittns.northwestern.edu/julian/ pgppubkey.html>**********Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http:// www.educause.edu/groups/.
********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.
smime.p7s
Description: S/MIME cryptographic signature
