Levavi, Yariv wrote:
We are trying to configure our FreeRadius environment to work with EAP-GTC (2 factor authentication):
1) When configuring working in proxy mode – the client (Netmotion 10.11) does not pop second authentication login screen (“password:”). Can you tell why or what should we configure differently in order to make it work?
Ask Netmotion how their systems work. I don't see why proxying would make any difference.
2) The pratical configuration we are trying to get is – first authentication will be against AD and the second one (response to Access_Challenge) against forwarded Radius Authentication server. How can this be configured?
I'm not sure what you're doing. As always, look at the debug output. If you can read it and tell the difference between step 1 and step 2, then you can write "unlang" policies to key off of those differences. As with anything RADIUS, almost *everything* is in the RADIUS packets. If it's not in the RADIUS packet, it pretty much doesn't exist. Maybe sometimes you can put information into a database, but you've got to manage that yourself. Alan DeKok.