'RE: Attribute NOT being returned in access-accept ?'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    RE: Attribute NOT being returned in access-accept ?
From:       Robert Roll <Robert.Roll () utah ! edu>
Date:       2011-03-30 23:34:09
Message-ID: C6CAA582B5704D4DB2A428AA4FC0CCE45C40638F9C () C3V1 ! xds ! umail ! utah ! edu
[Download RAW message or body]

That seemed to do the trick... 

Thanks Much,

Robert
________________________________________
From: freeradius-users-bounces+robert.roll=utah.edu@lists.freeradius.org \
[freeradius-users-bounces+robert.roll=utah.edu@lists.freeradius.org] On Behalf Of \
                James J J Hooper [jjj.hooper@bristol.ac.uk]
Sent: Wednesday, March 30, 2011 4:11 PM
To: freeradius-users@lists.freeradius.org
Subject: Re: Attribute NOT being returned in access-accept ?

On 30/03/2011 22:59, Robert Roll wrote:
> 
> Freeradius Version 2.1.10
> 
> 
> I'm trying to return a vendor attribute, but I don't seem to be seeing it in the \
> access-accept ? I am  inner tunneling to Peap, and you can see the attribute is \
> there... 
> Airespace-Interface-Name = "wifi-chem-uconnect"
> 
> but I'm not seeing it in the packet from eapol and I'm also seeing it in the final
> Access-Accept  sent from freeradius ?
> 
> Sending Access-Accept of id 10 to 155.97.142.192 port 52965
> MS-MPPE-Recv-Key = \
> 0x0e6bf137da352024fe32478d9b9c2cdabbba6a94f9e185e16ce5601b8e4a8328 MS-MPPE-Send-Key \
> = 0x99880b1843e321c484ceeb0ed19f55e2bbfa769f68e8783615beb220b13bb761 EAP-Message = \
> 0x030a0004 Message-Authenticator = 0x00000000000000000000000000000000
> User-Name = "whatever"
> 
> ------------ From Peap -----------------------------------
> 
> [peap] Got tunneled reply RADIUS code 2
> Airespace-Interface-Name = "wifi-chem-uconnect"
> MS-MPPE-Encryption-Policy = 0x00000001
> MS-MPPE-Encryption-Types = 0x00000006
> MS-MPPE-Send-Key = 0x7aa77766e328dcdf3e38555995889912
> MS-MPPE-Recv-Key = 0x6af45f9c8437843caf8d2c2ea1f7d7d2
> EAP-Message = 0x03090004
> Message-Authenticator = 0x00000000000000000000000000000000
> User-Name = "tstRad9"
> [peap] Tunneled authentication was successful.

Set use_tunnelled_reply to yes in eap.conf:

https://github.com/alandekok/freeradius-server/blob/14f534aa405cf0063bb10f4bc36493721e054246/raddb/eap.conf#L471


(also line 570 - once for TTLS, once for PEAP)

-James
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic