I'm running into an issue i just can't figure out. Within FreeRadius i use the "post-proxy" section to evaluate conditions. This has always worked fine for me. However, now i'm facing a strange issue:
This is the Access-Accept i receive:
(11877) Tue Jul 2 10:21:36 2019: Debug: Received Access-Accept Id 198 from xxx.xxx.xxx.xxx:1812 to xxx.xxx.xxx.xxx:53259 length 309
(11877) Tue Jul 2 10:21:36 2019: Debug: Proxy-State = 0x3731
(11877) Tue Jul 2 10:21:36 2019: Debug: Framed-Protocol = PPP
(11877) Tue Jul 2 10:21:36 2019: Debug: Service-Type = Framed-User
(11877) Tue Jul 2 10:21:36 2019: Debug: Tunnel-Medium-Type:0 = IEEE-802
(11877) Tue Jul 2 10:21:36 2019: Debug: Tunnel-Private-Group-Id:0 = "530"
(11877) Tue Jul 2 10:21:36 2019: Debug: Tunnel-Type:0 = VLAN
(11877) Tue Jul 2 10:21:36 2019: Debug: EAP-Message = 0x030c0004
(11877) Tue Jul 2 10:21:36 2019: Debug: Class = 0xXXXXX
(11877) Tue Jul 2 10:21:36 2019: Debug: MS-CHAP-Domain = "XXXXX"
(11877) Tue Jul 2 10:21:36 2019: Debug: MS-CHAP2-Success = 0xXXXXX
(11877) Tue Jul 2 10:21:36 2019: Debug: MS-MPPE-Send-Key = 0xXXXXX
(11877) Tue Jul 2 10:21:36 2019: Debug: MS-MPPE-Recv-Key = 0xXXXXX
(11877) Tue Jul 2 10:21:36 2019: Debug: Message-Authenticator = 0xXXXXX
When i try to evaluate the VLAN / Tunnel-Private-Group-Id i get this:
(11877) Tue Jul 2 10:21:36 2019: Debug: if (proxy-reply:Tunnel-Private-Group-ID == "530") {
(11877) Tue Jul 2 10:21:36 2019: ERROR: Failed retrieving values required to evaluate condition
Am i missing something obvious? And can someone tell me what the ":0" means behind these three attributes:
Tunnel-Medium-Type:0
Tunnel-Private-Group-Id:0
Tunnel-Type:0
I've looked al over the internet but couldn't find documentation about it. My guess is it has something to do with the inner/outer tunnel?
Of course it had to be something obvious, and it was.
It seems that a attribute filter was applied that filtered the Tunnel-Private-Group-ID attribute during the post-proxy.