CP sends voucher as username to RADIUS when "re-auth every minute enabled"
|Affected version:||Affected Architecture:|
When using Captive Portal + RADIUS + vouchers then CaptivePortal sends the voucher code as username to RADIUS when "reauthenticate user every minute" is enabled. This leads to that RADIUS disconnects the "voucher" because it is an unknown username which is not in FreeRADIUS users.
When someone enters the voucher for the very first time than CP is not sending the voucher code to freeradius, which is correct. So we should make sure that vouchers will not be sent to RADIUS or vouchers first will be checked against voucher database and if it doesn't match then will be sent to RADIUS.
In an environment where an WLAN-AP is protected with WPA2-Enterprise (PEAP) the users can authenticate to the WLAN-AP using a username/password which is in FreeRADIUS -> Users. So WLAN traffic is encrypted and cannot be sniffed easily. And to gain access to the internet there will be a voucher and CP.