AW: EAP-TTLS proxiing the tunneled request fails
Matthew Newton
mcn at freeradius.org
Tue Jun 25 10:11:05 CEST 2019
On Tue, 2019-06-25 at 07:09 +0000, Ekkehard Burkon wrote:
> > > My goal is to have a freeradius server handle EAP authentication
> > > with
> > > the EAP typ being EAP-TTLS. The data from the tunneled request
> > > should be proxied to an other radius server.
>
> > Set Proxy-To-Realm in the inner-tunnel virtual server, and it will
> work.
>
> This sets the Proxy Realm hard. Is there a methode to use the normal
> proxy configuration or is it necessary
> to use some unlang logic at this point?
You can use any method to set the Proxy-To-Realm attribute. Unlang is a
common way to do it, but you could set it in a users file with the
files module, or using an instance of the realm module.
Just don't use the same files/realm/other module in both the inner
tunnel and the outer, as otherwise the outer will likely get proxied
rather than the inner.
--
Matthew
More information about the Freeradius-Users
mailing list