Tomasz Wolniewicz <[EMAIL PROTECTED]> wrote: > could you be a LITTLE bit more specific about that? Its Christmas :). > How can I tell define conditions which will notice that it is the EAP-TTLS > case and not EAP/TLS? Perhaps there is no way, as at the beginning it is > simply an EAP message, so the server has no way of telling which way to go?
The "FreeRADIUS-Proxied-To" attribute is added to the session inside of the tunnel. See debugging mode for examples, it *will* print this out. In the "users" file, you can put: DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Autz-Type := ldap and it will call the LDAP module only inside of the tunnel. You will also have to set up an Autz-Type block in the "authorize" section. See doc/Autz-Type. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
