It is hard to say exactly why it isn't adding it in without seeing some actual configuration or server debugging text, but there are a few areas you can check.
First, make sure that you have the dictionary with that radius attribute loaded. It should be loaded by default, but it doesn't hurt to check that the dictionaries are being loaded. With a quick search it looks like it the attribute you want is in the file "dictionary.rfc2865" named "Filter-Id". I don't have a copy of FreeRadius 1.x's dictionaries around, but the attribute name might have changed slightly in the 2.x series - make sure you are referring to it correctly. Next, make sure that you are populating Filter-Id as a reply attribute - are you setting it through a LDAP attribute map, from SQL's radreply or radgroupreply tables, or some other method? If you think you are, then I would suggest running your radius server in debug mode (./radiusd -X) and watching an authentication and see why or why not it is being added to the radius reply. If that still doesn't work, for testing, you can add the following lines into your post-auth section of the server config to add the attribute to all completed and accepted requests. update reply { Filter-Id := "student" } You also might try the FreeRadius listserv for support as well (make sure to include configuration snippets and debugging output), or email me direct with the same. Chris Wieringa >>> On 4/3/2012 at 2:42 PM, "Wright, Don" <donald_wri...@brown.edu> wrote: > We have been testing with the latest version 2.x of FreeRadius and are > having trouble passing the Filter-ID information back to our Aruba > controllers. Note the packet traces below show the missing Filter-ID in > the 2.x version, and where it is present on our functioning version 1.x > FreeRadius servers. My systems people have tried different configuration > settings on the server based on the documentation they are looking at, but > without any positive results so far. > Does anyone have an idea of what setting might resolve this, or can > point us to documentation that shows how this works? Thanks in advance for > any help. > > Don Wright > Brown University > > From Version 1.x server: > > 16:04:51.121056 IP (tos 0x0, ttl 64, id 0, offset 0, flags > [DF], proto: UDP (17), length: 207) 10.4.28.15.1645 > > 128.148.10.104.32797: RADIUS, length: 179 > *Access Accept (2)*, id: 0xaa, Authenticator: > c85628210672caeedf2c8e3ade84cdfa > *Filter ID Attribute (11), length: 9, Value: student* > Vendor Specific Attribute (26), length: 58, Value: Vendor: > Microsoft (311) [|radius] [|radius] > > > From Version 2.x server: > > 15:39:34.337535 IP (tos 0x0, ttl 64, id 59206, offset 0, flags > [none], proto: UDP (17), length: 197) 10.4.28.12.1645 > > 128.148.10.104.33828: RADIUS, length: 169 > *Access Accept (2)*, id: 0xbf, > Authenticator: 85c2f9f515ee8ff6a8bee1d88cae243c > Vendor Specific Attribute (26), length: 58, Value: Vendor: > Microsoft (311) [|radius] [|radius] > > ********** > Participation and subscription information for this EDUCAUSE Constituent > Group discussion list can be found at http://www.educause.edu/groups/. -- -- Chris Wieringa cwier...@calvin.edu Sr. Systems Engineer Calvin Information Technology ********** Participation and subscription information for this EDUCAUSE Constituent Group discussion list can be found at http://www.educause.edu/groups/.