On 13 June 2017 09:19:21 BST, adrian.p.smith@bt.com wrote:
Thanks for the tips, this has got me a lot further. My default server now does the EAP work and passes the Access-Request to the inner-tunnel, but I think I need one last thing as it doesn't want to proxy it:
server inner-tunnel { # Executing section authorize from file /etc/raddb/sites-enabled/inner-tunnel +- entering group authorize {...} ++[chap] returns noop [mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap' ++[mschap] returns ok [IPASS] Looking up realm "passpoint" for User-Name = "passpoint/adrian" [IPASS] Found realm "passpoint" [IPASS] Adding Realm = "passpoint" [IPASS] Proxying request from user adrian to realm passpoint [IPASS] Preparing to proxy authentication request to realm "passpoint" ++[IPASS] returns updated [suffix] Request already proxied. Ignoring. ++[suffix] returns ok [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns noop } # server inner-tunnel
What does the rest of the debug output say? Proxying happens after this. -- Matthew