I think we're back to what I had been trying to do on my test machines
now and still can't seem to get working.
When I add "DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Proxy-To-
Realm := DOMAIN" to users of the first server (I believe that's the
correct place to put it). I get "rlm_eap: Request is supposed to be
proxied to Realm DOMAIN. Not doing EAP." on the first server and the
proxy server still says " rlm_eap: Identity does not match User-Name,
setting from EAP Identity."
Thanks,
Kerry Tobin
On Nov 4, 2008, at 1:04 PM, [EMAIL PROTECTED]
wrote:
Message: 1
Date: Tue, 04 Nov 2008 17:39:50 +0100
From: <[EMAIL PROTECTED]>
Subject: Re: Unable to authenticate to Open Directory
To: "FreeRadius users mailing list"
<freeradius-users@lists.freeradius.org>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-2
OK, I've tried using a proxy and now it fails on rlm_eap and says the
User-Name doesn't match EAP Identity. Is there a way to have EAP
processed on the local machine but authentication happen on the
remote? Is that even the problem?
DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Proxy-To-Realm := DOMAIN
That will proxy only the inner tunnel.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html