terminate eap-ttls

adrian.p.smith at bt.com adrian.p.smith at bt.com
Wed Jun 19 15:28:53 CEST 2013

>>    I have managed to setup a simple test using eapol_test as per
>> http://www.openlogic.com/wazi/bid/188089/Authenticating-Wi-Fi-Users-wi
>> th-FreeRADIUS

>thats a rather old...and random URL. why not look at official docs?

I'd be glad to. Please direct me to some that explain how to do this.

>>    What I really need to do is proxy the inner message to another Radius
>>    server which will do the authentication but I cannot get this to work.
>>    Whatever I try, I always see an EAP-Message avp heading off to the remote
>>    server. I have looked at the proxy-inner-tunnel virtual server but am
>>    unsure how to use it.

>tell EAP to send the message to somewhere else other than inner-tunnel virtual server the inner-tunnel virtual server is a local instance you need to proxy....so define a remote pool >as per proxy.conf examples

I'm probably confusing my terminology, apologies.

What I'm trying to do is get FreeRadius to extract the lowest level Radius message from inside all those tunnels and send it on to an already defined proxy home server. I have the realm defined and, if I send a simple radtest request I get an access-accept from the downstream server. What I want to do is be able to send in an EAP-TTLS request using eapol_test and have the same result.

Thanks again.

More information about the Freeradius-Users mailing list