Proxy EAP-TTLS inner auth type
Sayantan Bhowmick
sbhowmick at novell.com
Fri Jun 3 05:00:48 CEST 2005
Thanks for your help Alan. I will try this setup.
-Sayantan
>>> aland at ox.org 06/02/05 11:12 PM >>>
"Sayantan Bhowmick" <sbhowmick at novell.com> wrote:
> This talks about PEAP. Is the same possible for EAP-TTLS?
Yes.
> Also i could not find any information about the attribute
> "proxy_tunnel_request_as_eap" mentioned in the previous mail.
> Can someone please point me to any documentation on how to
> configure the server to terminate the tunnel and proxy the
> inner auth type.
The server terminates the tunnel by default. To proxy the inner
session, do:
DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Proxy-To-Realm :=
"foo"
Which will proxy the inner session, as-is, to realm "foo".
The "proxy_tunnel_request_as_eap" is strictly for PEAP, and if set
to "no", the code converts EAP-MSCHAPv2 to plain old MSCHAPv2, before
proxying it.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list