configuring proxy base on eap-type
Alan DeKok
aland at deployingradius.com
Tue May 25 14:40:05 CEST 2010
Fred MAISON wrote:
> Yes, how can I do that ? May I activate proxy-inner-tunnel site along
> with inner-tunnel site ?
No. It's an example.
You can set "Proxy-To-Relam" to force proxying. See raddb/proxy.conf
>> So... figure out who's supposed to do EAP-JUAC,
> Yes, but based on what ? I currently use a real, but this can be changed
> by end-user to bypass JUAC host checking capabilities ...
Check the user name? Put the users into groups?
This shouldn't be hard. You are *already* determining which users do
JUAC, and which don't: the machines are configured to do it.
Now just write down those rules for FreeRADIUS..
> Yes, it's what I need, but I don't fully master how to do that. May be
> the first point related to enable site proxy-inner-tunnel ?
> If so, it seem to be very unselective (I meen ALL protocols doing
> inner-tunnel will be proxied to UAC, leaving only EAP-LEAP on
> freeradius. This could be a good solution for me.
So... configure that.
Alan DeKok.
More information about the Freeradius-Users
mailing list