terminating EAP tunnels, proxy and realms
Alan DeKok
aland at deployingradius.com
Sat Jun 23 16:47:53 CEST 2007
Arran Cudbard-Bell wrote:
> So the eap module extracts the attributes encoded in the eap message ? I
> can see that working for EAP GTC and EAP PAP but not MschapV2 ?
It works for GTC, PAP, and MS-CHAPv2. The server can terminate PEAP,
and proxy the inner EAP-MSCHAPv2 session as plain MS-CHAPv2.
With the new virtual server support, it's now possible to have the
inner tunnel session run through it's own virtual server, independent of
the outer tunnel session. Just set "Virtual-Server = foo" via "update
control", and the inner tunnel session will be run through "server foo".
30 lines of code changed: incredible new flexibility.
Alan DeKok.
More information about the Freeradius-Users
mailing list