Alan DeKok wrote: > If there is NO User-Name attribute in the packet, then the server is > unable to root through the EAP-Message stuff to find what EAP thinks > is the user name. In that case, without a User-Name attribute, > proxying cannot be done on realms in User-Names. > I am not sure if I made my point clear in my earlier mail or not.
Freeradius can still proxy the request with the following configuration authorize { eap ... other modules. } What this does is User-Name attribute is created from EAP-Identity response, if it is not present. The other modules should take care of proxying. Infact, Freeradius can also handle EAP-Start Requests with the above configuration. -Raghu - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html