(RADIATOR) rewrite User-Name in access-accept??

Hugh Irvine hugh at open.com.au
Tue Jun 22 18:33:57 CDT 2004 

Hello Jeff -

Yes you should be able to do what you describe.

Can you please send me a copy of your configuration file and a trace 4 
debug showing what is happening?

You may need to remove the first User-Name before adding the second one 
(whether this works on the Cisco remains to be seen).

	StripFromReply User-Name
	AddToReply User-Name = .....

regards

Hugh


On 23 Jun 2004, at 09:26, Jeff Wolfe wrote:

>
> Is it possible to rewrite the username in the access-accept packet 
> that radiator sends back as part of an EAP-TTLS packet?
>
> I'm specifically interested in replacing the outer username In 
> EAP-TTLS with the inner username.
> I'm arguing with Cisco over accounting with EAP-TTLS, they claim the 
> AP1200 listens to the user-name in the access-accept packet for the 
> user-name used in the accounting start and stop packets that follow.
>
> I'm not so sure, but based on observation of the transaction with a 
> sniffer, radiator does not send a user-name attribute in the 
> access-accept packet at all.
>
> To make matters worse, when I use "AddToReply" to add a user-name 
> attribute, I get 2 in the packet; the "user-name=anonymous" I don't 
> want and the "user-name=luser" that I added.
>
> My brain is fried at the moment, so I'm going to wait until tomorrow 
> to go look at the code again. :)
>
> thanks
>
> -JEff
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.
>
>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list