PEAP-MSCHAPv2 and anonymous outer identity - can't understand passing inner username to outer tunnel
Alan Buxey
alan.buxey at gmail.com
Wed May 4 20:22:12 UTC 2022
hi,
being very flexible there are dozens of ways in which this can be
achieved - however, you dont want to be using the outer-id for
decision making - such things should be set in your local inner-tunnel
(where you know the real Id) and then sent 'up' to the outer layer for
the reply. I can probably help you further off list (I would also
suggest that you have another defined outer and inner virtual server
defined
for inbound traffic from the national proxies (as in those cases you
dont want to waste any time defining VLAN return attributes etc , just
authenticate and over and done with.)
regards
alan
More information about the Freeradius-Users
mailing list