On Mar 3, 2015, at 5:04 , Calugaru Adrian <[email protected]> wrote:
> Hi guys,
>
> I'm new to this great software and after a week browsing for different
> deployment and configuration I couldn't find anything about using an external
> Radius server for the 802.1x authentication.
>
> Do you know if it's possible to integrate the PF with MS NPS (Radius) or
> forward the auth request to the external radius ?
>
Hi Adrian,
Yes it’s possible.
It’s only a matter of configuring FreeRADIUS to proxy to your NPS server.
Check out /usr/local/pf/raddb/proxy.conf for an example proxying configuration.
Be advised that if you are proxying PEAP (as you likely will) then PacketFence
will not have access to the inner tunnel and will have to make authentication
decisions based on the outer identity, which is not authenticated.
Regards,
--
Louis Munro
[email protected] :: www.inverse.ca
+1.514.447.4918 x125 :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
