There are quite a few components coming into play here so I'm not exactly sure whats breaking where.
Let me start with explaining our setup:
We use cisco 1142 agn lightweight access points connected to a 4402 Wireless Lan Controller
This controller is doing radius authentication off of Freeradius 1.1.8 (with FreeBSD as the Host OS) on our primary ssid. When people authenticate it replies with Tunnel-Private-Group-ID based on their username/group. This puts them in the correct vlan for their department.
This works perfectly fine with our Apple Laptops, iPhones, and iPads.
However when I join with my Android phone or my n900 (maemo), I get put in the default vlan for the SSID. After some digging I found the following:
When joining from the Apple devices, the User-Name comes accross as
When Joining from my Android, it comes accross as:
Tue Aug 10 11:26:53 2010
User-Name = "1fT6ESzC4Dbj9oIpiJjjfg=="
(A few chars changed to prevent the username from being figured out)
This somehow is authenticating correctly because I get an IP address (in the incorrect vlan) and can surf the net, and if I mistype the password I get an authentication failure, but when it tries to do a match for the username to determine their group/vlan it fails because we don't have any users with that user name.
Has anyone seen this before or have any leads I should follow?