Proxy EAP-TTLS inner auth type
Alan DeKok
aland at ox.org
Thu Jun 2 19:42:37 CEST 2005
"Sayantan Bhowmick" <sbhowmick at novell.com> wrote:
> This talks about PEAP. Is the same possible for EAP-TTLS?
Yes.
> Also i could not find any information about the attribute
> "proxy_tunnel_request_as_eap" mentioned in the previous mail.
> Can someone please point me to any documentation on how to
> configure the server to terminate the tunnel and proxy the
> inner auth type.
The server terminates the tunnel by default. To proxy the inner
session, do:
DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Proxy-To-Realm := "foo"
Which will proxy the inner session, as-is, to realm "foo".
The "proxy_tunnel_request_as_eap" is strictly for PEAP, and if set
to "no", the code converts EAP-MSCHAPv2 to plain old MSCHAPv2, before
proxying it.
Alan DeKok.
More information about the Freeradius-Users
mailing list