Purpose of the inner-eap module

Alan DeKok aland at deployingradius.com
Thu Sep 29 20:19:01 CEST 2016

On Sep 29, 2016, at 1:34 PM, Graham Clinch <g.clinch at lancaster.ac.uk> wrote:
> In the standard config there's an second instance of the eap module, named 'inner-eap', but it doesn't appear to be referenced anywhere.

  It's an example.  We probably should make it the default inner-eap method for version 4.

> I've swapped all occurances of 'eap' in the inner-tunnel site to 'inner-eap' and now see PEAP/EAP-MSCHAPv2 authentications complete with one fewer roundtrip, which feels like an improvement.  Is there a reason inner-eap is not used in the default inner-tunnel site?

  History, mostly.

> As an aside, the wiki's EAP module page says "NOTE: There can only be one instance of the EAP module." (http://wiki.freeradius.org/modules/Rlm_eap), but that doesn't appear to be the case here.

  That's historical and should be deleted.

  Alan DeKok.

More information about the Freeradius-Users mailing list