cat-users AT lists.geant.org
Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)
List archive
- From: "Teulahti, Hannu" <hannu.teulahti AT vamk.fi>
- To: "cat-users AT geant.net" <cat-users AT geant.net>
- Subject: [cat-users] freeradius and use_tunneled_reply
- Date: Tue, 10 Dec 2013 07:09:57 +0000
- Accept-language: fi-FI, en-US
- List-archive: <http://mail.geant.net/pipermail/cat-users/>
- List-id: "The mailing list for users of the eduroam Configuration Assistant Tool \(CAT\)" <cat-users.geant.net>
|
Hello all!
Is there a reasonable explanation why the instructions for freeradius have the use_tunneled_reply set to yes?
I rebuilt our radius server from scratch with the instructions on the wiki and started to notice that the inner identity of users started to show up in our wlan controller.
Took a wireshark capture and noticed that the access-accept radius reply contains the inner identity of the user. I pinpointed the problem to use_tunneled_reply=yes setting in eap.conf which was from the instructions in the wiki.
In my opinion that setting renders the anonymous outer identity feature useless.
https://confluence.terena.org/display/H2eduroam/freeradius-idp
-hannu
|
- [cat-users] freeradius and use_tunneled_reply, Teulahti, Hannu, 12/10/2013
- Re: [cat-users] freeradius and use_tunneled_reply, Alan Buxey, 12/10/2013
Archive powered by MHonArc 2.6.19.