proxy question
Doty, Seth
seth.doty at nebraska.gov
Thu Jun 9 15:11:12 CEST 2011
The error on the other side is Invalid_Auth_Type. It is set to only
accept MsCHAPv2 which is fine. I guess the next question is do I need
to set a default auth type for the realm and if so how can I do that
without mucking up the other realms?
On Sat, 2011-06-04 at 07:58 +0200, Alan DeKok wrote:
> Doty, Seth wrote:
> > Currently I have a wireless setup that terminates the outer tunnel
> > locally then queries AD to get group/user data. This happens for the
> > realm named after the domain,the default realm, and NULL realm and works
> > perfectly. What I need to do now is add a new realm (testrealm)that
> > terminates the eap tunnel locally just like the other realms (to keep
> > the cert the same) and then proxies the inner tunnel to a MS ias server
> > (old_DC). All i will need back is an accept and then i will attempt to
> > pass attributes to the wireless controller based on the realm (I assume
> > I can do this). I appear to be having some issues with initial
> > authentication however.
>
> You've set it to proxy to a home server. The home server is rejecting
> the request.
>
> Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list