[EMAIL PROTECTED] wrote: > What I currently have is generating a fake CHAP request from > EAP-MD5 with the "FreeRadius-Proxied-To" attribute added, > similar to what PEAP and EAP-TTLS do with the inner protocols, > though it's all a bit hackish at the moment.
Hmm, yes. Ideally you'd want the EAP-MD5 module called during the "pre-proxy" stage, and to re-write the data there. > Any suggestions what to do here exactly? I think your method works, but I agree it's a bit hackish. The way the server handles the whole authorize/authenticate thing could use some serious re-visiting. But that;'s probably for a 2.0. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html