Try this (i don't know if it is the right way, but it works):
Terminate the "outer-user" in hints:
DEFAULT Prefix == "anonymous", Strip-User-Name = No Realm = "LOCAL"
Then the "inside-user" is proceeded as usal and you don`t need Auth-Type:= EAP.
regards
Helmut
What should I wite instead of EAP. When I write Local or System it didnt work.
I have one more question. When I add user named test in users file as following,
test Auth-Type := EAP, User-Password == "11" Filter-Id = "Enterasys:version=1:mgmt=su:policy=cit"
802.1x authentication is successful. But I need to authenticate users
on edirectory via LDAP.
Ldap servwer vi have field postoffice box which "Enterasys:version=1:mgmt=su:policy=cit"
field is stored. We want that freeradius will get postofficebox vlaue
of user and send to NAS it as Filter-Id = "Enterasys:version=1:mgmt=su:policy=cit".
But this authentication should be in EAP-TTLS inner PAP method.
We can do ot in Steel-Belted radius server. But securew2 didnt work with steel-belted.
How can I do it?
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html