Is it possible to terminate EAP/Authentication on an entirely different radius box through freeradius?

Ivan Kalik tnt at kalik.net
Fri Jul 10 20:31:40 CEST 2009


> What we are wondering is if its possible to still have requests come
> through to our freeradius box, and instead of providing the certificate
> and proxying the contents of the inner tunnel to the AD box.. if its
> possible to simply proxy the entire request, PEAP/MSCHAP and all
> directly to their AD servers?  They are hesitant to allow our freeradius
> box to join the domain, and if its doable, a workaround would be the
> preferred route.

No, domain controler is not a radius server. They would need to set up
IAS. Freeradius can proxy to that thing.

Ivan Kalik
Kalik Informatika ISP




More information about the Freeradius-Users mailing list