What proxy features does the freeradius server support?
Alan DeKok
aland at deployingradius.com
Fri Oct 20 19:18:50 CEST 2017
On Oct 20, 2017, at 12:45 PM, work vlpl <thework.vlpl at gmail.com> wrote:
>
> Thank you for your answers, you help a lot, could you answer a couple more
> questions?
Sure.
> log from home server
> ...
> (0) eap: ERROR: rlm_eap (EAP): No EAP session matching state 0x0998f23b0990e83c
> (0) eap: Either EAP-request timed out OR EAP-response to an unknown EAP-request
It's hard to tell from the truncated debug output. But I suspect the proxy is sending a State when it shouldn't.
>
> and virtual site for inner tunnel
>
> ==
> server peap_and_ttls {
> authorize {
> eap {
> ok = return
> }
If you're doing to proxy the inner-tunnel session, you CANNOT do EAP in the inner-tunnel.
Pick one: (a) run the EAP module in the inner-tunnel, or (b) proxy in the inner-tunnel.
> if(&reply:Supplicant-Use-Remote == 'yes') {
> update control {
> Proxy-To-Realm := 'testing-realm'
You can't do that. I already said so in a previous message.
Alan DeKok.
More information about the Freeradius-Users
mailing list