EAP-TTLS/PAP and proxying
Alan DeKok
aland at ox.org
Mon Dec 5 18:48:38 CET 2005
Samuel Degrande <Samuel.Degrande at lifl.fr> wrote:
> I use EAP-TTLS/PAP between a 802.1X supplicant and a radius
> server. I would like to proxy the authentication to an other
> radius server. So, is it possible to 'decapsulate' the authentication
> protocol from EAP on the first radius server, and only send
> user-name/user-password attributes to the central radius server ?
Yes. Put the following into your "users" file to proxy the inner
session for user "bob".
bob FreeRADIUS-Proxied-To == 127.0.0.1, Proxy-To-Realm := "realm"
> (i guess that my question is stupid, but I don't know how
> to express it in the good way...)
You did fine.
Alan DeKok.
More information about the Freeradius-Users
mailing list