[EMAIL PROTECTED] wrote:
> Otherwise, it should theoretically be possible to "translate"
> PEAP-MSCHAPv2 to plain MSCHAPv2 and use that for
> communication with your "simple radius" server - however,
> that still requires writing suitable code
In eap.conf, peap{} subsection, set
proxy_tunneled_request_as_eap = no
and the server will proxy the inner tunnel EAP-MSCHAPv2 as normal
MS-CHAPv2.
It's not widely tested, which is why it's not documented as working.
> I'm currently working at "translating" EAP-MD5 to CHAP).
Follow the magic code above. A patch would be welcome.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
