Inner-tunnel user name in interim-update

1839 at uniurb.it 1839 at uniurb.it
Sat Feb 19 07:16:42 EST 2011


Hello.

Sorry to bother with a cross-posting.
I asked about the below on Freeradius list. Looks like it's a NAS problem.
Would I have better luck with hostap ?
I may install hostap/openwrt but will be nice to know if I DO have a 
chance in advance :)

Ty. Paolo

> Hello.
>
> I'm puzzled about eap ttls accounting, namely with interim-updates.
>
> My setup: freeradius 2.1.10 on debian squeeze, mikrotik RouterOs 
> version 3.13 as NAS.
>
> On the NAS I enabled eap accounting; on the freeradius I set
>
> copy_request_to_tunnel = yes
> use_tunneled_reply = yes
>
> update outer.reply {
> User-Name = "%{request:User-Name}"
> }
>
> If I look at replay-detail I found
>
> Fri Feb 18 09:46:53 2011
> Packet-Type = Access-Accept
> User-Name = "cecchinip at esf"
> MS-MPPE-Recv-Key = 0x86 etc etc
>
> But when inspecting interim-updates ..
>
> Fri Feb 18 10:03:53 2011
> Service-Type = Framed-User
> NAS-Port-Id = "wlan2"
> User-Name = "anonymous"
> Acct-Session-Id = "82b00004"
> Acct-Multi-Session-Id = "bla bla ... "
> Acct-Authentic = RADIUS
> Acct-Status-Type = Interim-Update
> Acct-Session-Time = 1020
> Acct-Input-Octets = 4117
> Acct-Input-Gigawords = 0
> Acct-Input-Packets = 27
> Acct-Output-Octets = 2515
> Acct-Output-Gigawords = 0
> Acct-Output-Packets = 63
> NAS-Identifier = "EduroamTest"
> NAS-IP-Address = *************
> Acct-Delay-Time = 0
> Acct-Unique-Session-Id = "bed886a60e348ed6"
> Timestamp = 1298019833
> Request-Authenticator = Verified
>
> Looks like the radius honours the request to send out the inner 
> identity, but the nas get rid of and continue to use 'anonymous'.
> It's that, is a NAS's problem or maybe could be something I 
> misconfigured on freeradius ?
>
> Any hint? And thanks in advance.
> Paolo.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20110219/f8fd31ad/attachment.htm 


More information about the HostAP mailing list