Terminate EAP-TTLS then proxy

adrian.p.smith at bt.com adrian.p.smith at bt.com
Tue Jun 13 11:20:56 CEST 2017

Ah sorry, here's the rest of it:

[ttls] Got tunneled reply code 0
[ttls] Tunneled authentication will be proxied to passpoint
[eap]   Tunneled session will be proxied.  Not doing EAP.
++[eap] returns handled
 WARNING: Cancelling proxy to Realm LOCAL, as the realm is local.
There was no response configured: rejecting request 42
Using Post-Auth-Type Reject

-----Original Message-----
From: Freeradius-Users [mailto:freeradius-users-bounces+adrian.p.smith=bt.com at lists.freeradius.org] On Behalf Of Matthew Newton
Sent: 13 June 2017 09:49
To: FreeRadius users mailing list
Subject: RE: Terminate EAP-TTLS then proxy

On 13 June 2017 09:19:21 BST, adrian.p.smith at bt.com wrote:
>Thanks for the tips, this has got me a lot further. My default server 
>now does the EAP work and passes the Access-Request to the 
>inner-tunnel, but I think I need one last thing as it doesn't want to 
>proxy it:
>server inner-tunnel {
># Executing section authorize from file 
>+- entering group authorize {...}
>++[chap] returns noop
>[mschap] Found MS-CHAP attributes.  Setting 'Auth-Type  = mschap'
>++[mschap] returns ok
>[IPASS] Looking up realm "passpoint" for User-Name = "passpoint/adrian"
>[IPASS] Found realm "passpoint"
>[IPASS] Adding Realm = "passpoint"
>[IPASS] Proxying request from user adrian to realm passpoint [IPASS] 
>Preparing to proxy authentication request to realm "passpoint"
>++[IPASS] returns updated
>[suffix] Request already proxied.  Ignoring.
>++[suffix] returns ok
>[eap] No EAP-Message, not doing EAP
>++[eap] returns noop
>++[files] returns noop
>++[expiration] returns noop
>++[logintime] returns noop
>++[pap] returns noop
>} # server inner-tunnel

What does the rest of the debug output say? Proxying happens after this.


List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list