Samuel Degrande <[EMAIL PROTECTED]> wrote: > I use EAP-TTLS/PAP between a 802.1X supplicant and a radius > server. I would like to proxy the authentication to an other > radius server. So, is it possible to 'decapsulate' the authentication > protocol from EAP on the first radius server, and only send > user-name/user-password attributes to the central radius server ?
Yes. Put the following into your "users" file to proxy the inner session for user "bob". bob FreeRADIUS-Proxied-To == 127.0.0.1, Proxy-To-Realm := "realm" > (i guess that my question is stupid, but I don't know how > to express it in the good way...) You did fine. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html