Proxy EAP-TTLS inner auth type

Sayantan Bhowmick sbhowmick at
Fri Jun 3 05:00:48 CEST 2005

Thanks for your help Alan. I will try this setup.


>>> aland at 06/02/05 11:12 PM >>>
"Sayantan Bhowmick" <sbhowmick at> wrote:
> This talks about PEAP. Is the same possible for EAP-TTLS?


> Also i could not find any information about the attribute 
> "proxy_tunnel_request_as_eap" mentioned in the previous mail. 
> Can someone please point me to any documentation on how to 
> configure the server to terminate the tunnel and proxy the 
> inner auth type.

  The server terminates the tunnel by default.  To proxy the inner
session, do:

DEFAULT	 FreeRADIUS-Proxied-To ==, Proxy-To-Realm :=

  Which will proxy the inner session, as-is, to realm "foo".

  The "proxy_tunnel_request_as_eap" is strictly for PEAP, and if set
to "no", the code converts EAP-MSCHAPv2 to plain old MSCHAPv2, before
proxying it.

  Alan DeKok.

List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list