Terminate EAP-TTLS then proxy
Matthew Newton
matthew at newtoncomputing.co.uk
Tue Jun 13 10:49:17 CEST 2017
On 13 June 2017 09:19:21 BST, adrian.p.smith at bt.com wrote:
>Thanks for the tips, this has got me a lot further. My default server
>now does the EAP work and passes the Access-Request to the
>inner-tunnel, but I think I need one last thing as it doesn't want to
>proxy it:
>
>server inner-tunnel {
># Executing section authorize from file
>/etc/raddb/sites-enabled/inner-tunnel
>+- entering group authorize {...}
>++[chap] returns noop
>[mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap'
>++[mschap] returns ok
>[IPASS] Looking up realm "passpoint" for User-Name = "passpoint/adrian"
>[IPASS] Found realm "passpoint"
>[IPASS] Adding Realm = "passpoint"
>[IPASS] Proxying request from user adrian to realm passpoint
>[IPASS] Preparing to proxy authentication request to realm "passpoint"
>++[IPASS] returns updated
>[suffix] Request already proxied. Ignoring.
>++[suffix] returns ok
>[eap] No EAP-Message, not doing EAP
>++[eap] returns noop
>++[files] returns noop
>++[expiration] returns noop
>++[logintime] returns noop
>++[pap] returns noop
>} # server inner-tunnel
What does the rest of the debug output say? Proxying happens after this.
--
Matthew
More information about the Freeradius-Users
mailing list