What proxy features does the freeradius server support?

Alan DeKok aland at deployingradius.com
Fri Oct 20 19:18:50 CEST 2017

On Oct 20, 2017, at 12:45 PM, work vlpl <thework.vlpl at gmail.com> wrote:
> Thank you for your answers, you help a lot, could you answer a couple more
> questions?


> log from home server
> ...
> (0) eap: ERROR: rlm_eap (EAP): No EAP session matching state 0x0998f23b0990e83c
> (0) eap: Either EAP-request timed out OR EAP-response to an unknown EAP-request

  It's hard to tell from the truncated debug output.  But I suspect the proxy is sending a State when it shouldn't.
> and virtual site for inner tunnel
> ==
> server peap_and_ttls {
>    authorize {
>    eap {
>    ok = return
>    }

  If you're doing to proxy the inner-tunnel session, you CANNOT do EAP in the inner-tunnel.

  Pick one: (a) run the EAP module in the inner-tunnel, or (b) proxy in the inner-tunnel.

>            if(&reply:Supplicant-Use-Remote == 'yes') {
>                update control {
>                    Proxy-To-Realm := 'testing-realm'

  You can't do that.  I already said so in a previous message.

  Alan DeKok.

More information about the Freeradius-Users mailing list