terminating EAP tunnels, proxy and realms

Alan DeKok aland at deployingradius.com
Sat Jun 23 15:34:19 CEST 2007


Andreas Liebe wrote:
> I do not want to terminate the EAP tunnels for the foreign realms, but I
> have to terminate the local one (@tu-darmstadt.de and NULL) as I have to
> forward the requests to a set of internal radius servers not capable of
> speaking EAP.

  Set Proxy-To-Realm := LOCAL for the realms you want to terminate
locally.  Make sure that this is done before the "eap" module is run in
the "authorise" section.

  Then, put the following in the "users" file to proxy the inner request
to another realm:

DEFAULT	FreeRADIUS-Proxied-To == 127.0.0.1, Proxy-To-Realm = oldservers

  2.0.0 should have a much more fine-grained way to control this.

  Alan DeKok.



More information about the Freeradius-Users mailing list