question re inner tunnel / virtual server
Michael Arndt
michael.arndt at berlin.de
Sun Apr 24 18:24:20 CEST 2011
Hi *,
i try to get a better grip in understanding the virtual server for inner eap
tunnel.
Please forgive if any of the following statements represents misunderstanding
of concepts from my side.
Which of the following statements describe the inner tunnel virtual server
for EAP wrong / correct ?
EAP:
-The eap module can map tunneled requests to a virtual server ( inner tunnel )
- It "knows" where to communicate by freeradius reading the virtual servers
configs in sites-enabled
-So the Port configured for the inner tunnel virtual server (statement valid only for this inner tunnel VS)
is only relevant wrt external for testing purposes in order to test correct freeradius config wrt EAP
-freeradius handles the communication to the inner tunnel with the above mentioned
mapping of the eap module. So in productive use there is no need to reference
the Port for the inner tunnel ( except when proxying or using the test for EAP to check for a valid config )
-the main goal of the inner tunnel virtual server is to allow
completely independent policies for outer / inner tunneled sessions.
hope i did not fall for to many misunderstandings
TIA
Micha
More information about the Freeradius-Users
mailing list