Carroll, Diana C wrote: > I have a FreeRADIUS server that takes a TTLS request, handles the TLS outer > authentication locally, and then proxies the MSCHAPv2 inner authentication to > another server based on the realm specified in the user request. > > When it receives the MSCHAPv2 access-accept message from one server (another > FreeRADIUS server), it includes the user attributes in the access-accept > message to the client as expected. However, when it receives the MSCHAPv2 > access-accept message from the second server (an NPS server) it does not > include the user attributes in the access-accept message to the client, > resulting in a connection failure.
This works in 2.1.9. Set "use_tunneled_reply = yes" in eap.conf. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html