[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freeradius-users
Subject:    Re: AW: EAP-TTLS proxiing the tunneled request fails
From:       Matthew Newton <mcn () freeradius ! org>
Date:       2019-06-25 8:11:05
Message-ID: 6387660fd5009003e7a674525f14cedc4e4d3d81.camel () freeradius ! org
[Download RAW message or body]

On Tue, 2019-06-25 at 07:09 +0000, Ekkehard Burkon wrote:
> > > My goal is to have a freeradius server handle EAP authentication
> > > with 
> > > the EAP typ being EAP-TTLS. The data from the tunneled request
> > > should be proxied to an other radius server.
> 
> > Set Proxy-To-Realm in the inner-tunnel virtual server, and it will
> work.
> 
> This sets the Proxy Realm hard. Is there a methode to use the normal
> proxy configuration or is it necessary 
> to use some unlang logic at this point?

You can use any method to set the Proxy-To-Realm attribute. Unlang is a
common way to do it, but you could set it in a users file with the
files module, or using an instance of the realm module.

Just don't use the same files/realm/other module in both the inner
tunnel and the outer, as otherwise the outer will likely get proxied
rather than the inner.

-- 
Matthew


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]