Hi!
Alan DeKok wrote:
Dmitry Sergienko wrote:
Config file is the same as default example proxy-inner-tunnel in 2.0.2
release with modified realm name only.
I really don't understand.
1) default config
Configuration from scratch.
on Debian:
cd freeradius-server-2.0.2
dpkg-buildpackage -rfakeroot -uc -b
dpkg -i ../freeradius_2.0.2-0_i386.deb
2) edit eap.conf, peap{} section to set proxy_tunneled_request_as_eap = no
3) edit eap.conf, peap{} section to set virtual_server =
"proxy-inner-tunnel"
also copied proxy-inner-tunnel from examples bundled with 2.0.2.
4) edit proxy.conf to add realm "example.com" with another RADIUS server.
done. also added client in clients.conf.
5) send PEAP request.
6) verify that MS-CHAPv2 is proxied to second RADIUS server
all correct. Answer from proxy is Access-Accept.
7) verify that the supplicant receives EAP-MSCHAPv2 with MSCHAP Success.
It's here.
Both logs of xsupplicant and freeradius are available here (posting here
exceeds the limit of 100Kb):
http://web.apex.dp.ua/~trooper/fr2/fr202.log
http://web.apex.dp.ua/~trooper/fr2/xsupplicant.log
--
Best wishes,
Dmitry Sergienko (SDA104-RIPE)
Trifle Co., Ltd.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
