proxy question

Doty, Seth seth.doty at nebraska.gov
Thu Jun 9 15:11:12 CEST 2011


The error on the other side is Invalid_Auth_Type.  It is set to only
accept MsCHAPv2 which is fine.  I guess the next question is do I need
to set a default auth type for the realm and if so how can I do that
without mucking up the other realms? 

On Sat, 2011-06-04 at 07:58 +0200, Alan DeKok wrote:
> Doty, Seth wrote:
> > Currently I have a wireless setup that terminates the outer tunnel
> > locally then queries AD to get group/user data.  This happens for the
> > realm named after the domain,the default realm, and NULL realm and works
> > perfectly.  What I need to do now is add a new realm (testrealm)that
> > terminates the eap tunnel locally just like the other realms (to keep
> > the cert the same) and then proxies the inner tunnel to a MS ias server
> > (old_DC).  All i will need back is an accept and then i will attempt to
> > pass attributes to the wireless controller based on the realm (I assume
> > I can do this).  I appear to be having some issues with initial
> > authentication however.
> 
>   You've set it to proxy to a home server.  The home server is rejecting
> the request.
> 
>   Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list