1 Oct
2009
1 Oct
'09
6:20 p.m.
Okay, I munched over the source code and I'm guessing I'm being a crettin, but I'm hoping you can tell me what I'm doing wrong.
If you use the 'virtual_server' functionality in the ttls{} section of eap.conf, everything works great if you get an Access-Accept from the inner virtual server ('auth' for me). When I say "works great", I mean the 'post-auth' section of the EAP calling ('auth-eap') virtual server is munched through. However, if 'Access-Reject' is returned then 'post-auth' is not parsed and it bombs immediently back out to the to outer virtual server's ('dot1x') post-proxy section.
Try testing the reply:Packet-Type there. If it's Access-Reject do those updates. Ivan Kalik Kalik Informatika ISP