5 Dec
2005
5 Dec
'05
12:48 p.m.
Samuel Degrande <Samuel.Degrande@lifl.fr> wrote:
I use EAP-TTLS/PAP between a 802.1X supplicant and a radius server. I would like to proxy the authentication to an other radius server. So, is it possible to 'decapsulate' the authentication protocol from EAP on the first radius server, and only send user-name/user-password attributes to the central radius server ?
Yes. Put the following into your "users" file to proxy the inner session for user "bob". bob FreeRADIUS-Proxied-To == 127.0.0.1, Proxy-To-Realm := "realm"
(i guess that my question is stupid, but I don't know how to express it in the good way...)
You did fine. Alan DeKok.