Terminate EAP-TTLS then proxy
adrian.p.smith at bt.com
adrian.p.smith at bt.com
Fri Sep 22 09:32:31 CEST 2017
OK, so it appears that the proxying is actually done back in the outer tunnel.
So, in my inner-tunnel server I added:
## clear proxy control from outer request
update control {
&outer.Proxy-To-Realm !*
}
And that seems to have got this working.
Regards,
Adrian
-----Original Message-----
From: Freeradius-Users [mailto:freeradius-users-bounces+adrian.p.smith=bt.com at lists.freeradius.org] On Behalf Of Alan DeKok
Sent: 21 September 2017 23:28
To: FreeRadius users mailing list
Subject: Re: Terminate EAP-TTLS then proxy
On Sep 21, 2017, at 6:24 PM, <adrian.p.smith at bt.com> <adrian.p.smith at bt.com> wrote:
>
> Hi Alan,
>
> I proxy-to-realn LOCAL in the default server as I was advised to do this as part of the EAP-TTLS termination and Transfer to the inner-tunnel.
>
> Perhaps this is not needed?
It's needed if you don't want to proxy the outer EAP session.
> My aim is be able to terminate the EAP and then proxy the request to another server.
Then edit the inner tunnel to delete the "Proxy-To-Realm = Local" attribute.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list