terminating EAP tunnels, proxy and realms
Helmut Tröbs
Helmut.Troebs at lrz-muenchen.de
Fri Jun 22 14:18:52 CEST 2007
Hello Andreas,
>
> No we want to participate in inter University roaming (eduroam) and thus
> have to proxy some requests a parent server. Everything works great
> except regarding the outer identity.
>
> If it's just "anonymous" everything is ok, but if it's
> "anonymous@<somerealm>" and <somerealm> is configured in proxy.conf the
> EAP-Request ist proxied instead of terminated. This is correct by
> configuration but not wanted.
>
> Is there a way to terminate the EAP regardless of the outer identity?
>
why do you want this. The EAP Tunnel should terminate on the last
RADIUS where the user belongs. On your RADIUS only the EAP-Tunnels for
your users should be terminating.
Read
http://www.dfn.de/content/fileadmin/1Dienstleistungen/GWIN/sonstiges/Konfiguration-freeradius.pdf
it is for DFN-Roaming, but it is the same as EDUROAM.
regards
Helmut
More information about the Freeradius-Users
mailing list