Terminate EAP-TTLS then proxy
Peter Lambrechtsen
peter at crypt.nz
Mon Jun 12 21:57:34 CEST 2017
You would also want to comment the "suffix" module from your main "default"
site and add it to inner-tunnel
Suffix is what looks up the realms from the proxy.conf and adds the proxy
destination to request or not.
On 13/06/2017 06:11, "Alan Buxey" <alan.buxey at gmail.com> wrote:
> yes.... with various extra bits of config. firstly, you would need
> to use unlang to set the authentication to be local
> for a particular realm, then, in the inner-tunnel, you would need to
> use unlang to proxy the request to a defined
> realm pool.
>
> alan
>
> On 12 June 2017 at 07:51, <adrian.p.smith at bt.com> wrote:
> > I would like to be able to proxy the Auth request after terminating the
> EAP-TTLS. FreeRadius sees the realm prefix on the User-Name and wants to
> proxy first.
> >
> > Is this possible or even sensible please?
> >
> > Regards,
> >
> > Adrian
> > -
> > List info/subscribe/unsubscribe? See http://www.freeradius.org/
> list/users.html
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/
> list/users.html
More information about the Freeradius-Users
mailing list