EAP-TLS Attributes

Houston-III, Lester L lester.l.houston-iii at boeing.com
Wed Nov 16 22:53:43 CET 2011


I'm trying to clear some confusion I'm experiencing.  This is probably not the right place to ask this question, but I haven't been having much luck finding any answers on the web.  I have a FreeRADIUS server running that is acting as a backend authenticator for my VPN server, which is StrongSwan.   FreeRADIUS is using LDAP for authorization and I have JRADIUS connected for performing post authorization.  Currently, I'm using EAP-TLS for connectivity from the StrongSwan VPN client down to JRADIUS and this is working well.

What I want to do now is have the StrongSwan VPN client inject some custom data into the EAP message so that data can be propagated through to JRADIUS for use in the post authorization method.  Maybe something like creating my own attribute or something.  Is this possible?  If so, how can I do this?  If not, is there a way to modify an existing FreeRADIUS attribute that can be modified by the StrongSwan VPN client?

Lester Houston III
lester.l.houston-iii at boeing.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20111116/7b7bb32d/attachment.html>


More information about the Freeradius-Users mailing list