Proxy EAP - TLS Nesting.
brisstony21 at free.fr
brisstony21 at free.fr
Wed Apr 28 04:28:42 CEST 2010
Hi everyone,
I have some troubles to proxy PEAP requests to (internal) virtual server :
I have one proxy server (with realms define in proxy.conf file) that forward the
request internally to a virtual server define in site-enabled directory.
For basic authentication request (PAP, CHAP, MSCHAP, ...) , authentication is
successful, but with PEAP it doesn't work (work with EAP-TTLS). I have this
error message : "Multiple levels of TLS nesting is invalid".
In my proxy.conf I have this lines :
realms university.fr {
virtual_server = my-virtual-server
nostrip
}
I specify that the request is well forwarded to the virtual server.
I made some tests. If I change my proxy.conf like this :
home_server localhost {
port=2812
type=auth
ipaddr=127.0.0.1
secret=******
...
}
home_server_pool my-pool {
home_server = localhost
type=fail-over
}
realms university.fr {
auth_pool= my-pool
nostrip
}
-> Everything works correctly. Someone had an idea?
Thanks in advance
More information about the Freeradius-Users
mailing list