Terminate EAP-PEAP client connection at FreeRadius Proxyandproxy(forward) request as PAP
Jayal1972
joakim.lindgren at gmail.com
Mon Feb 4 14:13:43 CET 2008
Hi again, now the LOCAL and NOT local domain (=proxied) connection works,
almost...
Description: EAP-TTLS-PAP with Windows W2 Secure client.
1. If LOCAL domain then authenticate against (local) LDAP = This works.
2. If OTHER domain (SECURACCESS) terminate EAP tunnel and proxy only PAP and
authenticate against
other only PAP Radius.. = Doesn´t work...
Problem: The proxied PAP doesn´t work due to the User Password...
Output below:
==========
radiusd.conf
===========================================================================================================
...
modules {
pap {
auto_header = yes
}
chap {
authtype = CHAP
}
pam {
pam_auth = radiusd
}
unix {
cache = no
cache_reload = 600
radwtmp = ${logdir}/radwtmp
}
$INCLUDE ${confdir}/eap.conf
mschap {
use_mppe = yes
require_encryption = yes
require_strong = yes
}
ldap {
server = "192.168.1.71"
identity = "cn=admin,o=Contonso"
password = "toor"
basedn = "o=Contonso"
filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
start_tls = yes
tls_mode = no
tls_cacertfile =
/etc/raddb/certs/eDirCerts/edirectory_ROOT_Cert_DER.pem
dictionary_mapping = ${raddbdir}/ldap.attrmap
ldap_connections_number = 5
password_attribute = nspmPassword
tls_require_cert = "allow"
timeout = 4
timelimit = 3
net_timeout = 1
port = 389
edir_account_policy_check=yes
}
realm suffix {
format = suffix
delimiter = "@"
ignore_default = no
ignore_null = yes
}
realm ntdomain {
format = prefix
delimiter = "\\"
ignore_default = no
ignore_null = yes
}
...
authorize {
preprocess
chap
mschap
suffix
ntdomain
eap
files
ldap
pap
}
authenticate {
Auth-Type PAP {
pap
}
Auth-Type CHAP {
chap
}
Auth-Type MS-CHAP {
mschap
}
unix
Auth-Type LDAP {
ldap
}
eap
}
post-auth {
ldap
Post-Auth-Type REJECT {
ldap
}
}
===ENDradiusd.conf==========================================================
========
Proxy.conf
====================================================================
realm NULL {
type = radius
authhost = LOCAL
accthost = LOCAL
}
realm LOCAL {
type = radius
authhost = LOCAL
accthost = LOCAL
}
realm DOMAIN {
type = radius
authhost = LOCAL
accthost = LOCAL
}
realm SECURACCESS {
type = radius
authhost = 192.168.1.75:1812
accthost = 192.168.1.75:1813
secret = toor
# nostrip
}
====================================================================
=======
eap.conf
=====================================================================
eap {
default_eap_type = ttls
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
md5 {
}
leap {
}
gtc {
auth_type = PAP
}
tls {
private_key_password = password
private_key_file =
${raddbdir}/certs/jaysCA2/osuse-freeradius/server_keycert.pem
certificate_file =
${raddbdir}/certs/jaysCA2/osuse-freeradius/server_keycert.pem
CA_file = ${raddbdir}/certs/jaysCA2/cacert.pem
dh_file = ${raddbdir}/certs/dh
random_file = ${raddbdir}/certs/random
fragment_size = 1024
include_length = yes
}
ttls {
default_eap_type = md5
#Tried the = gtc as well ;-)
copy_request_to_tunnel = yes
use_tunneled_reply = yes
}
peap {
default_eap_type = mschapv2
proxy_tunneled_request_as_eap = no
}
mschapv2 {
}
}
===ENDEAP=================================================================
=========
clients.conf
===============================================
client 192.168.1.0/24 {
secret = toor
shortname = private-network-1
}
================================================
====
users
===========================================================================
DEFAULT FreeRADIUS-Proxied-To !* 127.0.0.1, Proxy-To-Realm
:= LOCAL
SECURACCESS FreeRADIUS-Proxied-To == 127.0.0.1, Proxy-To-Realm
:= "SECURACCESS"
==ENDusers===================================================================
========
output:
===================================================
Mon Feb 4 13:03:46 2008 : Debug: Module: Instantiated radutmp (radutmp)
Mon Feb 4 13:03:46 2008 : Debug: Listening on authentication *:1812
Mon Feb 4 13:03:46 2008 : Debug: Listening on accounting *:1813
Mon Feb 4 13:03:46 2008 : Debug: Listening on proxy *:1814
Mon Feb 4 13:03:46 2008 : Info: Ready to process requests.
rad_recv: Access-Request packet from host 192.168.1.150:32797, id=185,
length=199
User-Name = "joakimlindgren at SECURACCESS"
NAS-IP-Address = 192.168.1.73
NAS-Port = 1
NAS-Identifier = "10"
NAS-Port-Type = Wireless-802.11
Calling-Station-Id = "0012793DFC0C"
Called-Station-Id = "000B86600A58"
Framed-MTU = 1100
EAP-Message =
0x0201001f016a6f616b696d6c696e646772656e405345435552414343455353
Aruba-Essid-Name = "demo-wpa-aes-eap-radius"
Aruba-Location-Id = "1.1.1"
Message-Authenticator = 0x4a71e7a8e828c5fbfeba6f153ee22c40
Mon Feb 4 13:04:03 2008 : Debug: Processing the authorize section of
radiusd.conf
Mon Feb 4 13:04:03 2008 : Debug: modcall: entering group authorize for
request 0
Mon Feb 4 13:04:03 2008 : Debug: modsingle[authorize]: calling preprocess
(rlm_preprocess) for request 0
Mon Feb 4 13:04:03 2008 : Debug: modsingle[authorize]: returned from
preprocess (rlm_preprocess) for request 0
Mon Feb 4 13:04:03 2008 : Debug: modcall[authorize]: module "preprocess"
returns ok for request 0
Mon Feb 4 13:04:03 2008 : Debug: modsingle[authorize]: calling chap
(rlm_chap) for request 0
Mon Feb 4 13:04:03 2008 : Debug: modsingle[authorize]: returned from chap
(rlm_chap) for request 0
Mon Feb 4 13:04:03 2008 : Debug: modcall[authorize]: module "chap"
returns noop for request 0
Mon Feb 4 13:04:03 2008 : Debug: modsingle[authorize]: calling mschap
(rlm_mschap) for request 0
Mon Feb 4 13:04:03 2008 : Debug: modsingle[authorize]: returned from
mschap (rlm_mschap) for request 0
Mon Feb 4 13:04:03 2008 : Debug: modcall[authorize]: module "mschap"
returns noop for request 0
Mon Feb 4 13:04:03 2008 : Debug: modsingle[authorize]: calling suffix
(rlm_realm) for request 0
Mon Feb 4 13:04:03 2008 : Debug: rlm_realm: Looking up realm
"SECURACCESS" for User-Name = "joakimlindgren at SECURACCESS"
Mon Feb 4 13:04:03 2008 : Debug: rlm_realm: Found realm "SECURACCESS"
Mon Feb 4 13:04:03 2008 : Debug: rlm_realm: Adding Stripped-User-Name =
"joakimlindgren"
Mon Feb 4 13:04:03 2008 : Debug: rlm_realm: Proxying request from user
joakimlindgren to realm SECURACCESS
Mon Feb 4 13:04:03 2008 : Debug: rlm_realm: Adding Realm =
"SECURACCESS"
Mon Feb 4 13:04:03 2008 : Debug: rlm_realm: Preparing to proxy
authentication request to realm "SECURACCESS"
Mon Feb 4 13:04:03 2008 : Debug: modsingle[authorize]: returned from
suffix (rlm_realm) for request 0
Mon Feb 4 13:04:03 2008 : Debug: modcall[authorize]: module "suffix"
returns updated for request 0
Mon Feb 4 13:04:03 2008 : Debug: modsingle[authorize]: calling ntdomain
(rlm_realm) for request 0
Mon Feb 4 13:04:03 2008 : Debug: rlm_realm: Request already proxied.
Ignoring.
Mon Feb 4 13:04:03 2008 : Debug: modsingle[authorize]: returned from
ntdomain (rlm_realm) for request 0
Mon Feb 4 13:04:03 2008 : Debug: modcall[authorize]: module "ntdomain"
returns noop for request 0
Mon Feb 4 13:04:03 2008 : Debug: modsingle[authorize]: calling eap
(rlm_eap) for request 0
Mon Feb 4 13:04:03 2008 : Debug: rlm_eap: Request is supposed to be
proxied to Realm SECURACCESS. Not doing EAP.
Mon Feb 4 13:04:03 2008 : Debug: modsingle[authorize]: returned from eap
(rlm_eap) for request 0
Mon Feb 4 13:04:03 2008 : Debug: modcall[authorize]: module "eap" returns
noop for request 0
Mon Feb 4 13:04:03 2008 : Debug: modsingle[authorize]: calling files
(rlm_files) for request 0
Mon Feb 4 13:04:03 2008 : Debug: users: Matched entry DEFAULT at line
209
Mon Feb 4 13:04:03 2008 : Debug: modsingle[authorize]: returned from
files (rlm_files) for request 0
Mon Feb 4 13:04:03 2008 : Debug: modcall[authorize]: module "files"
returns ok for request 0
Mon Feb 4 13:04:03 2008 : Debug: modsingle[authorize]: calling ldap
(rlm_ldap) for request 0
Mon Feb 4 13:04:03 2008 : Debug: rlm_ldap: - authorize
Mon Feb 4 13:04:03 2008 : Debug: rlm_ldap: performing user authorization
for joakimlindgren
Mon Feb 4 13:04:03 2008 : Debug: radius_xlat: '(uid=joakimlindgren)'
Mon Feb 4 13:04:03 2008 : Debug: radius_xlat: 'o=Contonso'
Mon Feb 4 13:04:03 2008 : Debug: rlm_ldap: ldap_get_conn: Checking Id: 0
Mon Feb 4 13:04:03 2008 : Debug: rlm_ldap: ldap_get_conn: Got Id: 0
Mon Feb 4 13:04:03 2008 : Debug: rlm_ldap: attempting LDAP reconnection
Mon Feb 4 13:04:03 2008 : Debug: rlm_ldap: (re)connect to 192.168.1.71:389,
authentication 0
Mon Feb 4 13:04:03 2008 : Debug: rlm_ldap: setting TLS CACert File to
/etc/raddb/certs/eDirCerts/edirectory_ROOT_Cert_DER.pem
Mon Feb 4 13:04:03 2008 : Debug: rlm_ldap: starting TLS
Mon Feb 4 13:04:03 2008 : Debug: rlm_ldap: bind as cn=admin,o=Contonso/toor
to 192.168.1.71:389
Mon Feb 4 13:04:03 2008 : Debug: rlm_ldap: waiting for bind result ...
Mon Feb 4 13:04:03 2008 : Debug: rlm_ldap: Bind was successful
Mon Feb 4 13:04:03 2008 : Debug: rlm_ldap: performing search in o=Contonso,
with filter (uid=joakimlindgren)
Mon Feb 4 13:04:04 2008 : Debug: rlm_ldap: Added the eDirectory password in
check items
Mon Feb 4 13:04:04 2008 : Debug: rlm_ldap: looking for check items in
directory...
Mon Feb 4 13:04:04 2008 : Debug: rlm_ldap: looking for reply items in
directory...
Mon Feb 4 13:04:04 2008 : Debug: rlm_ldap: user joakimlindgren authorized
to use remote access
Mon Feb 4 13:04:04 2008 : Debug: rlm_ldap: ldap_release_conn: Release Id: 0
Mon Feb 4 13:04:04 2008 : Debug: modsingle[authorize]: returned from ldap
(rlm_ldap) for request 0
Mon Feb 4 13:04:04 2008 : Debug: modcall[authorize]: module "ldap"
returns ok for request 0
Mon Feb 4 13:04:04 2008 : Debug: modsingle[authorize]: calling pap
(rlm_pap) for request 0
Mon Feb 4 13:04:04 2008 : Debug: rlm_pap: No clear-text password in the
request. Not performing PAP.
Mon Feb 4 13:04:04 2008 : Debug: modsingle[authorize]: returned from pap
(rlm_pap) for request 0
Mon Feb 4 13:04:04 2008 : Debug: modcall[authorize]: module "pap" returns
noop for request 0
Mon Feb 4 13:04:04 2008 : Debug: modcall: leaving group authorize (returns
updated) for request 0
Mon Feb 4 13:04:04 2008 : Debug: WARNING: You set Proxy-To-Realm = LOCAL,
but it is a LOCAL realm! Cancelling invalid proxy request.
Mon Feb 4 13:04:04 2008 : Debug: auth: type Local
Mon Feb 4 13:04:04 2008 : Debug: auth: No User-Password or CHAP-Password
attribute in the request
Mon Feb 4 13:04:04 2008 : Debug: auth: Failed to validate the user.
Mon Feb 4 13:04:04 2008 : Auth: Login incorrect: [joakimlindgren/<no
User-Password attribute>] (from client Aruba-vlan-2 port 1 cli 0012793DFC0C)
Mon Feb 4 13:04:04 2008 : Debug: Found Post-Auth-Type
Mon Feb 4 13:04:04 2008 : Debug: Processing the post-auth section of
radiusd.conf
Mon Feb 4 13:04:04 2008 : Debug: modcall: entering group REJECT for request
0
Mon Feb 4 13:04:04 2008 : Debug: modsingle[post-auth]: calling ldap
(rlm_ldap) for request 0
Mon Feb 4 13:04:04 2008 : Debug: rlm_ldap: ldap_get_conn: Checking Id: 0
Mon Feb 4 13:04:04 2008 : Debug: rlm_ldap: ldap_get_conn: Got Id: 0
Mon Feb 4 13:04:04 2008 : Debug: rlm_ldap: attempting LDAP reconnection
Mon Feb 4 13:04:04 2008 : Debug: rlm_ldap: (re)connect to 192.168.1.71:389,
authentication 0
Mon Feb 4 13:04:04 2008 : Debug: rlm_ldap: setting TLS CACert File to
/etc/raddb/certs/eDirCerts/edirectory_ROOT_Cert_DER.pem
Mon Feb 4 13:04:04 2008 : Debug: rlm_ldap: starting TLS
Mon Feb 4 13:04:04 2008 : Debug: rlm_ldap: bind as
cn=joakimlindgren,o=Contonso/aassword to 192.168.1.71:389
Mon Feb 4 13:04:04 2008 : Debug: rlm_ldap: waiting for bind result ...
Mon Feb 4 13:04:08 2008 : Debug: rlm_ldap: ldap_result()
Mon Feb 4 13:04:08 2008 : Error: rlm_ldap: cn=joakimlindgren,o=Contonso
bind to 192.168.1.71:389 failed: timeout
Mon Feb 4 13:04:08 2008 : Error: rlm_ldap: eDirectory account policy check
failed.
Mon Feb 4 13:04:08 2008 : Debug: rlm_ldap:
Mon Feb 4 13:04:08 2008 : Debug: rlm_ldap: ldap_release_conn: Release Id: 0
Mon Feb 4 13:04:08 2008 : Debug: modsingle[post-auth]: returned from ldap
(rlm_ldap) for request 0
Mon Feb 4 13:04:08 2008 : Debug: modcall[post-auth]: module "ldap"
returns reject for request 0
Mon Feb 4 13:04:08 2008 : Debug: modcall: leaving group REJECT (returns
reject) for request 0
Mon Feb 4 13:04:08 2008 : Debug: Cancelling proxy as request was already
rejected
Mon Feb 4 13:04:08 2008 : Debug: Request 0 rejected in proxy_send.
Mon Feb 4 13:04:08 2008 : Debug: Server rejecting request 0.
Mon Feb 4 13:04:08 2008 : Debug: Finished request 0
Mon Feb 4 13:04:08 2008 : Debug: Going to the next request
Mon Feb 4 13:04:08 2008 : Debug: --- Walking the entire request list ---
Mon Feb 4 13:04:08 2008 : Debug: Waking up in 1 seconds...
rad_recv: Access-Request packet from host 192.168.1.150:32797, id=185,
length=199
Sending Access-Reject of id 185 to 192.168.1.150 port 32797
Reply-Message = ""
Mon Feb 4 13:04:08 2008 : Debug: --- Walking the entire request list ---
Mon Feb 4 13:04:08 2008 : Debug: Waking up in 1 seconds...
Mon Feb 4 13:04:09 2008 : Debug: --- Walking the entire request list ---
Mon Feb 4 13:04:09 2008 : Debug: Cleaning up request 0 ID 185 with
timestamp 47a6ff33
Mon Feb 4 13:04:09 2008 : Debug: Nothing to do. Sleeping until we see a
request.
===ENDoutput=============================================================================
========
My thoughts about the output:
==========================================
>Mon Feb 4 13:04:03 2008 : Debug: rlm_eap: Request is supposed to be
proxied to Realm >SECURACCESS. Not doing EAP.
Detects that we want to proxy domain SECURACCESS. Terminate EAP and only
proxy PAP.
>Mon Feb 4 13:04:03 2008 : Debug: modsingle[authorize]: calling files
(rlm_files) for request 0
>Mon Feb 4 13:04:03 2008 : Debug: users: Matched entry DEFAULT at line
209
>Mon Feb 4 13:04:03 2008 : Debug: modsingle[authorize]: returned from
files (rlm_files) for request 0
>Mon Feb 4 13:04:03 2008 : Debug: modcall[authorize]: module "files"
returns ok for request 0
Found the DEFAULT entry in users:
DEFAULT FreeRADIUS-Proxied-To !* 127.0.0.1, Proxy-To-Realm
:= LOCAL
>Mon Feb 4 13:04:03 2008 : Debug: rlm_ldap: - authorize
>Mon Feb 4 13:04:03 2008 : Debug: rlm_ldap: performing user authorization
for joakimlindgren
>Mon Feb 4 13:04:03 2008 : Debug: radius_xlat: '(uid=joakimlindgren)'
>Mon Feb 4 13:04:03 2008 : Debug: radius_xlat: 'o=Contonso'
...
>Mon Feb 4 13:04:03 2008 : Debug: rlm_ldap: waiting for bind result ...
>Mon Feb 4 13:04:03 2008 : Debug: rlm_ldap: Bind was successful
>Mon Feb 4 13:04:03 2008 : Debug: rlm_ldap: performing search in
o=Contonso, with filter >(uid=joakimlindgren)
>Mon Feb 4 13:04:04 2008 : Debug: rlm_ldap: Added the eDirectory password
in check items
>Mon Feb 4 13:04:04 2008 : Debug: rlm_ldap: looking for check items in
directory...
>Mon Feb 4 13:04:04 2008 : Debug: rlm_ldap: looking for reply items in
directory...
>Mon Feb 4 13:04:04 2008 : Debug: rlm_ldap: user joakimlindgren authorized
to use remote access
>Mon Feb 4 13:04:04 2008 : Debug: rlm_ldap: ldap_release_conn: Release Id:
0
>Mon Feb 4 13:04:04 2008 : Debug: modsingle[authorize]: returned from
ldap (rlm_ldap) for request 0
>Mon Feb 4 13:04:04 2008 : Debug: modcall[authorize]: module "ldap"
returns ok for request 0
Authorizing user joakimlindgren in Novell eDIrectory LDAP...
>Mon Feb 4 13:04:04 2008 : Debug: modsingle[authorize]: calling pap
(rlm_pap) for request 0
>Mon Feb 4 13:04:04 2008 : Debug: rlm_pap: No clear-text password in the
request. Not performing PAP.
Not finding a clear-text password?
Why can´t it suddenly use the password stored in the eDirectory (Stored as
clear-text?).
>Mon Feb 4 13:04:04 2008 : Debug: modsingle[authorize]: returned from pap
(rlm_pap) for request 0
>Mon Feb 4 13:04:04 2008 : Debug: modcall[authorize]: module "pap"
returns noop for request 0
>Mon Feb 4 13:04:04 2008 : Debug: modcall: leaving group authorize (returns
updated) for request 0
>Mon Feb 4 13:04:04 2008 : Debug: WARNING: You set Proxy-To-Realm =
LOCAL, but it is a LOCAL >realm! Cancelling invalid proxy request.
Only a warning right?
>Mon Feb 4 13:04:04 2008 : Debug: auth: type Local
>Mon Feb 4 13:04:04 2008 : Debug: auth: No User-Password or CHAP-Password
attribute in the request
Failed due to not finding a User-Password...Why?
>Mon Feb 4 13:04:04 2008 : Debug: auth: Failed to validate the user.
// Thanks
Ivan Kalik wrote:
>
> Eap-Type != peap. Local ones are using PEAP and remote EAP-TTLS/PAP,
> right?
>
> Ivan Kalik
> Kalik Informatika ISP
>
>
> Dana 2/2/2008, "Jayal1972" <joakim.lindgren at gmail.com> piše:
>
>>
>>Hi again,
>>
>>I mean: how to detect a special name in the request. And to NOT proxy
local
>>calls...
>>Is my configuration OK?
>>
>>// J
>>
>>
>>Jayal1972 wrote:
>>>
>>> Hi Ivan, I can´t thank you enough for the help.
>>>
>>>>Have different names for a server realm and user domain so you can
choose
>>>>when to proxy.
>>>
>>> Could you please leave me a hont how to do that.
>>>
>>> Why doesn´t it do PAP? When the connection reach the home server it´s
>>> encrypted?
>>>
>>> // J
>>>
>>>
>>>
>>> Ivan Kalik wrote:
>>>>
>>>>>All users found with SECURACCESS domain in name i.e.
>>"anyname at SECURACCESS".
>>>>>Proxy them with PAP authentication to "SECURACCCESS" domain IP address
>>>>>mentioned in proxy.conf.
>>>>>
>>>>>>Fall-Through := No
>>>>>
>>>>>If SECURACCESS domain found in User-Name "anyname at SECURACCESS" stop
after
>>>>>proxying.
>>>>>
>>>>>So I want to END all EAP tunnels at proxy for ALL domains. Authenticate
>>with
>>>>>LDAP except for SECURACCESS domain. IF SECURACCESS domain found, proxy
>>only
>>>>>PAP further (to IP address mentioned in proxy.conf).
>>>>>
>>>>>>Fri Feb 1 18:49:26 2008 : Debug: modsingle[authorize]: calling
suffix
>>>>>(rlm_realm) for request 0
>>>>>>Fri Feb 1 18:49:26 2008 : Debug: rlm_realm: Looking up realm
>>>>>"SECURACCESS" for User-Name = >"joakimlindgren at SECURACCESS"
>>>>>>Fri Feb 1 18:49:26 2008 : Debug: rlm_realm: Found realm
>>"SECURACCESS"
>>>>>
>>>>>So here we found SECURACCESS domain name in User-Name:
>>>>>
>>>>>>Fri Feb 1 18:49:26 2008 : Debug: rlm_realm: Adding
>>Stripped-User-Name
>>>>>= "joakimlindgren"
>>>>>>Fri Feb 1 18:49:26 2008 : Debug: rlm_realm: Proxying request from
>>user
>>>>>joakimlindgren to realm >SECURACCESS
>>>>>>Fri Feb 1 18:49:26 2008 : Debug: rlm_realm: Adding Realm =
>>>>>"SECURACCESS"
>>>>>>Fri Feb 1 18:49:26 2008 : Debug: rlm_realm: Preparing to proxy
>>>>>authentication request to realm "SECURACCESS"
>>>>>
>>>>>Where proxying the request to ip address mentioned in proxy.conf (but
>>here
>>>>>we don�´t end the EAP?)
>>>>>
>>>>
>>>> Have different names for a server realm and user domain so you can
>>>> choose
>>>> when to proxy. Leave user as user at SECURACCESS; configure SECURACCESS to
>>>> be a LOCAL realm; configure home server realm as SECURE and proxy to
>>>> that one.
>>>>
>>>> Again, you should think about 2.0.1 where you can define one virtual
>>>> server to deal with @SECURACCESS requests and another for others.
>>>>
>>>> Ivan Kalik
>>>> Kalik Informatika ISP
>>>>
>>>> -
>>>> List info/subscribe/unsubscribe? See
>>>> http://www.freeradius.org/list/users.html
>>>>
>>>>
>>>
>>>
>>
>>--
>>View this message in context:
http://www.nabble.com/Terminate-EAP-PEAP-client-connection-at-FreeRadius-Proxy-and-proxy%28forward%29-request-as-PAP-tp15218593p15242083.html
>>Sent from the FreeRadius - User mailing list archive at Nabble.com.
>>
>>
>>-
>>List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
--
View this message in context: http://www.nabble.com/Terminate-EAP-PEAP-client-connection-at-FreeRadius-Proxy-and-proxy%28forward%29-request-as-PAP-tp15218593p15267823.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.
More information about the Freeradius-Users
mailing list