terminating EAP tunnels, proxy and realms
Arran Cudbard-Bell
A.Cudbard-Bell at sussex.ac.uk
Sat Jun 23 17:15:41 CEST 2007
Alan DeKok wrote:
> Arran Cudbard-Bell wrote:
>
>> So the eap module extracts the attributes encoded in the eap message ? I
>> can see that working for EAP GTC and EAP PAP but not MschapV2 ?
>>
>
> It works for GTC, PAP, and MS-CHAPv2. The server can terminate PEAP,
> and proxy the inner EAP-MSCHAPv2 session as plain MS-CHAPv2.
>
Ah cool, thats actually really useful . Does only one packet need to be
proxied per EAP authentication ?
> With the new virtual server support, it's now possible to have the
> inner tunnel session run through it's own virtual server, independent of
> the outer tunnel session. Just set "Virtual-Server = foo" via "update
> control", and the inner tunnel session will be run through "server foo".
>
> 30 lines of code changed: incredible new flexibility.
>
>
Yes look forward to trying it ;)
Built on failover partner and same result , so deffinately not a
hardware error, points to either the architecture or the compiler...
More information about the Freeradius-Users
mailing list