Proxy EAP - TLS Nesting.

brisstony21 at brisstony21 at
Wed Apr 28 04:28:42 CEST 2010

Hi everyone,

I have some troubles to proxy PEAP requests to (internal) virtual server :
I have one proxy server (with realms define in proxy.conf file) that forward the
request internally to a virtual server define in site-enabled directory.

For basic authentication request (PAP, CHAP, MSCHAP, ...) , authentication is
successful, but with PEAP it doesn't work (work with EAP-TTLS). I have this
error message : "Multiple levels of TLS nesting is invalid".

In my proxy.conf I have this lines :
realms {
virtual_server = my-virtual-server

I specify that the request is well forwarded to the virtual server.

I made some tests. If I change my proxy.conf like this :
home_server localhost {

home_server_pool my-pool {
home_server = localhost

realms {
auth_pool= my-pool

-> Everything works correctly. Someone had an idea?

Thanks in advance

More information about the Freeradius-Users mailing list