Terminate EAP-TTLS then proxy
adrian.p.smith at bt.com
adrian.p.smith at bt.com
Tue Jun 13 11:20:56 CEST 2017
Ah sorry, here's the rest of it:
[ttls] Got tunneled reply code 0
[ttls] Tunneled authentication will be proxied to passpoint
[eap] Tunneled session will be proxied. Not doing EAP.
++[eap] returns handled
WARNING: Cancelling proxy to Realm LOCAL, as the realm is local.
There was no response configured: rejecting request 42
Using Post-Auth-Type Reject
-----Original Message-----
From: Freeradius-Users [mailto:freeradius-users-bounces+adrian.p.smith=bt.com at lists.freeradius.org] On Behalf Of Matthew Newton
Sent: 13 June 2017 09:49
To: FreeRadius users mailing list
Subject: RE: Terminate EAP-TTLS then proxy
On 13 June 2017 09:19:21 BST, adrian.p.smith at bt.com wrote:
>Thanks for the tips, this has got me a lot further. My default server
>now does the EAP work and passes the Access-Request to the
>inner-tunnel, but I think I need one last thing as it doesn't want to
>proxy it:
>
>server inner-tunnel {
># Executing section authorize from file
>/etc/raddb/sites-enabled/inner-tunnel
>+- entering group authorize {...}
>++[chap] returns noop
>[mschap] Found MS-CHAP attributes. Setting 'Auth-Type = mschap'
>++[mschap] returns ok
>[IPASS] Looking up realm "passpoint" for User-Name = "passpoint/adrian"
>[IPASS] Found realm "passpoint"
>[IPASS] Adding Realm = "passpoint"
>[IPASS] Proxying request from user adrian to realm passpoint [IPASS]
>Preparing to proxy authentication request to realm "passpoint"
>++[IPASS] returns updated
>[suffix] Request already proxied. Ignoring.
>++[suffix] returns ok
>[eap] No EAP-Message, not doing EAP
>++[eap] returns noop
>++[files] returns noop
>++[expiration] returns noop
>++[logintime] returns noop
>++[pap] returns noop
>} # server inner-tunnel
What does the rest of the debug output say? Proxying happens after this.
--
Matthew
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list