FR2 - proxying inner tunnel
Dmitry Sergienko
trooper+freeradius+users at email.dp.ua
Fri Feb 15 16:11:15 CET 2008
Hi!
Alan DeKok wrote:
> Dmitry Sergienko wrote:
>> Config file is the same as default example proxy-inner-tunnel in 2.0.2
>> release with modified realm name only.
>
> I really don't understand.
>
> 1) default config
Configuration from scratch.
on Debian:
cd freeradius-server-2.0.2
dpkg-buildpackage -rfakeroot -uc -b
dpkg -i ../freeradius_2.0.2-0_i386.deb
> 2) edit eap.conf, peap{} section to set proxy_tunneled_request_as_eap = no
> 3) edit eap.conf, peap{} section to set virtual_server =
> "proxy-inner-tunnel"
also copied proxy-inner-tunnel from examples bundled with 2.0.2.
> 4) edit proxy.conf to add realm "example.com" with another RADIUS server.
done. also added client in clients.conf.
> 5) send PEAP request.
> 6) verify that MS-CHAPv2 is proxied to second RADIUS server
all correct. Answer from proxy is Access-Accept.
> 7) verify that the supplicant receives EAP-MSCHAPv2 with MSCHAP Success.
It's here.
Both logs of xsupplicant and freeradius are available here (posting here exceeds the limit of 100Kb):
http://web.apex.dp.ua/~trooper/fr2/fr202.log
http://web.apex.dp.ua/~trooper/fr2/xsupplicant.log
--
Best wishes,
Dmitry Sergienko (SDA104-RIPE)
Trifle Co., Ltd.
More information about the Freeradius-Users
mailing list