terminate eap-ttls
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Wed Jun 19 14:50:07 CEST 2013
Hi,
> I have managed to setup a simple test using eapol_test as per
> http://www.openlogic.com/wazi/bid/188089/Authenticating-Wi-Fi-Users-with-FreeRADIUS
thats a rather old...and random URL. why not look at official docs?
> and it all works as described except that I have to use ca.pem instead of
> server.pem. I think this might be because the example uses an older
> version of FreeRadius?
yes, ca_cert="/home/carla/server.pem" is wrong. thats basically checking the RADIUS
server cert..not the CA....eapol_test wants to verify the CA with that config option.
> What I really need to do is proxy the inner message to another Radius
> server which will do the authentication but I cannot get this to work.
> Whatever I try, I always see an EAP-Message avp heading off to the remote
> server. I have looked at the proxy-inner-tunnel virtual server but am
> unsure how to use it.
tell EAP to send the message to somewhere else other than inner-tunnel virtual server
the inner-tunnel virtual server is a local instance you need to proxy....so define a
remote pool as per proxy.conf examples
alan
More information about the Freeradius-Users
mailing list