Unable to authenticate to Open Directory

Kerry Tobin kwtobin at wisc.edu
Tue Nov 4 22:15:05 CET 2008

I think we're back to what I had been trying to do on my test machines  
now and still can't seem to get working.

When I add "DEFAULT FreeRADIUS-Proxied-To ==, Proxy-To- 
Realm := DOMAIN" to users of the first server (I believe that's the  
correct place to put it). I get "rlm_eap: Request is supposed to be  
proxied to Realm DOMAIN.  Not doing EAP." on the first server and the  
proxy server still says " rlm_eap: Identity does not match User-Name,  
setting from EAP Identity."


Kerry Tobin

On Nov 4, 2008, at 1:04 PM, freeradius-users-request at lists.freeradius.org 

> Message: 1
> Date: Tue, 04 Nov 2008 17:39:50 +0100
> From: <tnt at kalik.net>
> Subject: Re: Unable to authenticate to Open Directory
> To: "FreeRadius users mailing list"
> 	<freeradius-users at lists.freeradius.org>
> Message-ID: <0PGr4bPr.1225816790.3478220.tnt at kalik.net>
> Content-Type: text/plain; charset=ISO-8859-2
>> OK, I've tried using a proxy and now it fails on rlm_eap and says the
>> User-Name doesn't match EAP Identity.  Is there a way to have EAP
>> processed on the local machine but authentication happen on the
>> remote?  Is that even the problem?
> DEFAULT   FreeRADIUS-Proxied-To ==, Proxy-To-Realm := DOMAIN
> That will proxy only the inner tunnel.
> Ivan Kalik
> Kalik Informatika ISP

More information about the Freeradius-Users mailing list