EAP-ttls tunnel inner outer authentication credential management

Arran Cudbard-Bell A.Cudbard-Bell at sussex.ac.uk
Mon Feb 4 10:02:36 CET 2008


theSnail wrote:
> Is there a way to manage in a different way the inner and the outer
> authentication credential in a EAP-ttls + PAP tunnel?
> 
> for example authenticate the outter credential against a file and the inner
> against ldap dir.
> 
> thanks
> arjuna

Yes, with FreeRADIUS version 2, authentication requests are sent to an 
'inner' virtual server, place your ldap module in the authorise stanza 
of that section, and your file module in the authorise stanza of the 
outer server.

With V1 it's much harder.



More information about the Freeradius-Users mailing list