On 19/06/13 14:54, adrian.p.sm...@bt.com wrote:
What I really need to do is proxy the inner message to another
Radius server which will do the authentication but I cannot get
this to work. Whatever I try, I always see an EAP-Message avp
heading off to the remote server. I have looked at the
proxy-inner-tunnel virtual server but am unsure how to use it.
This *is* proxying the inner tunnel; the inner tunnel auth is also
EAP, and you're sending it to the remote server.
Thanks, this is NOT what I want to do. I want to send the inner
message, not the tunnel and do PAP on the remote server.
You can only do PAP on the remote server if your inner auth method was
PAP. Basically, this means EAP-TTLS/PAP.
Doing that is simple:
server inner-tunnel {
authorize {
update control {
Proxy-To-Realm := THEREALM
}
}
}
If this isn't working, send a debug from "radiusd -X"
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
