a.l.m.bu...@lboro.ac.uk [a.l.m.bu...@lboro.ac.uk] wrote:
> how did you configure the server...from scratch or copy pasting bits over
> from a 2.x ?
It's a mongrel, not an alteration of fresh 3.0. It was working on a pre-talloc
3.0 development branch.
> does this 'eap' module use its own virtual_server or does it inherit the
> virtual_server that
> instigated it (you have no 'virtual_server = "blah"' line in your peap{}
> section...so i assume
> its using eduroam_idp VS for the unwrapping?)
There's only one incestuous server clause, and only one EAP configuration
block, yes.
I tried to replicate on a test server with lightly modified 3.0 stock configs.
The error only
happens when everything is running through the same server/eap instances, so
good
instincts there. Replicating it is easy: just uncomment the peap
virtual-server directive
and add at the top of authorize:
if (Freeradius-Proxied-To == "127.0.0.1") {
update control {
Proxy-To-Realm = example.com
}
}
...and it doesn't matter that example.com defaults to home_server localhost, it
does not get that far.
I believe it is the way it is because at some point we were having trouble
using outer.request
and such between virtual servers. I'll have to test those and see if that
limitation is still
in effect.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
