Update the example to show EAP-Key-Name

author Alan T. DeKok <aland@freeradius.org>

Thu, 14 Feb 2013 16:56:34 +0000 (11:56 -0500)

committer Alan T. DeKok <aland@freeradius.org>

Thu, 14 Feb 2013 16:56:34 +0000 (11:56 -0500)
author Alan T. DeKok <aland@freeradius.org>
Thu, 14 Feb 2013 16:56:34 +0000 (11:56 -0500)
committer Alan T. DeKok <aland@freeradius.org>
Thu, 14 Feb 2013 16:56:34 +0000 (11:56 -0500)
diff --git a/raddb/sites-available/default b/raddb/sites-available/default

index 1d13543509e2046e4cf9e4793a8cb6079fafdb3c..1372649822d21cf9a10607981d9bc96b9ff5ff56 100644 (file)
--- a/raddb/sites-available/default
+++ b/raddb/sites-available/default
@@ -542,6 +542,16 @@ post-auth {
  #             Reply-Message += "%{TLS-Client-Cert-Subject-Alt-Name-Email}"
  #      }
  
+       #  MacSEC requires the use of EAP-Key-Name.  However, we don't
+       #  want to send it for all EAP sessions.  Therefore, the EAP
+       #  modules put required data into the EAP-Session-Id attribute.
+       #  This attribute is never put into a packet.
+       #
+       #  Uncomment the next few lines to copy the required data into
+       #  the EAP-Key-Name attribute
+#      update reply {
+#              EAP-Key-Name := "%{reply:EAP-Session-Id}"
+#      }
  
         #  If the WiMAX module did it's work, you may want to do more
         #  things here, like delete the MS-MPPE-*-Key attributes.
author	Alan T. DeKok <aland@freeradius.org>
	Thu, 14 Feb 2013 16:56:34 +0000 (11:56 -0500)
committer	Alan T. DeKok <aland@freeradius.org>
	Thu, 14 Feb 2013 16:56:34 +0000 (11:56 -0500)