Configuring 3.0.12 for RadSec

A.L.M.Buxey at A.L.M.Buxey at
Mon Nov 7 11:07:40 CET 2016


> I need some help to configure FR for eduroam via RadSec with
> PEAP/MSChapv2. Depending on the REALM requests, if it is has and is
> not the local REALM, requests should get proxied to one of two
> external radius server via RadSec (server_pool ?). And also the
> other way around FR should be able to receive requests from an
> external source and authenticate them as local users.
> Requests, coming from an Access Point or via RadSec, should be
> processed equally.
> I'm not quite shure where to start, has anyone a example
> configuration for me how to do it?
> Many thanks!

this is pretty much ready to go out of the box - you just need to look
at the provided virtual server - here you will see the proxy definition
and the client definition, just populate the relevant configuration
in the virtual server with the certificate details for your RADSEC communication
and ensure your proxy policy directs relevant (ie valid requests, ones that
arent local realm(s) and have an "@" and no illegal characters/realms etc)
to the radsec pool.


More information about the Freeradius-Users mailing list