New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

radiusTunnelPassword should not be SINGLE-VALUE #2061

rgrant opened this Issue Sep 12, 2017 · 1 comment


None yet
3 participants

rgrant commented Sep 12, 2017

The OpenLDAP schema supplied with FreeRADIUS in:


should be modified to conform with RFC2868, and allow multiple radiusTunnelPassword entries.

Despite the RFC, the Tunnel-Password packet MUST be passed to the trusted Proxy, in order for a remote L2TP Access Concentrator (LAC) to obtain authentication details to login to an L2TP Network Server (LNS).

Using only one radiusTunnelPassword entry results in only the FIRST Tunnel-Server-Endpoint working.

Please modify the sample schema to remove the SINGLE-VALUE specification.


This comment has been minimized.

Show comment
Hide comment

arr2036 Sep 13, 2017


Agreed. Please send a pull request.


arr2036 commented Sep 13, 2017

Agreed. Please send a pull request.

alandekok added a commit that referenced this issue Nov 3, 2017

update schema. Fixes #2061
Getting pull requests from people is MUCH nicer than people
opening bug reports and saying "meh, you guys fix it."

It's not really that much more difficult to send a pull request
than to open a bug report.

@alandekok alandekok closed this Nov 3, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment