Unable to authenticate to Open Directory
Kerry Tobin
kwtobin at wisc.edu
Tue Nov 4 22:15:05 CET 2008
I think we're back to what I had been trying to do on my test machines
now and still can't seem to get working.
When I add "DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Proxy-To-
Realm := DOMAIN" to users of the first server (I believe that's the
correct place to put it). I get "rlm_eap: Request is supposed to be
proxied to Realm DOMAIN. Not doing EAP." on the first server and the
proxy server still says " rlm_eap: Identity does not match User-Name,
setting from EAP Identity."
Thanks,
Kerry Tobin
On Nov 4, 2008, at 1:04 PM, freeradius-users-request at lists.freeradius.org
wrote:
>
> Message: 1
> Date: Tue, 04 Nov 2008 17:39:50 +0100
> From: <tnt at kalik.net>
> Subject: Re: Unable to authenticate to Open Directory
> To: "FreeRadius users mailing list"
> <freeradius-users at lists.freeradius.org>
> Message-ID: <0PGr4bPr.1225816790.3478220.tnt at kalik.net>
> Content-Type: text/plain; charset=ISO-8859-2
>
>> OK, I've tried using a proxy and now it fails on rlm_eap and says the
>> User-Name doesn't match EAP Identity. Is there a way to have EAP
>> processed on the local machine but authentication happen on the
>> remote? Is that even the problem?
>>
>
> DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Proxy-To-Realm := DOMAIN
>
> That will proxy only the inner tunnel.
>
> Ivan Kalik
> Kalik Informatika ISP
>
More information about the Freeradius-Users
mailing list