Emmanuel BILLOT wrote: > Could you explain what is the difference between the default file and > the inner-tunnel file in /etc/raddb/site-enabled ?
This is documented in the comments at the top of the files. The "default" virtual server handles normal RADIUS traffic. However, some EAP types set up a TLS tunnel between the PC and the RADIUS server. The data *inside* of the TLS tunnel has to be authenticated. So... it's run through the "inner-tunnel" virtual server. > When running in debug mode, i see sometimes > # Executing section authorize from file /etc/raddb/sites-enabled/default > and > sometimes > # Executing section authorize from file > /etc/raddb/sites-enabled/inner-tunnel Not "sometimes". That is a very bad way to think about it. The debug log shows *exactly* what the server is doing. Read it slowly, it will make sense. > Is there any docs about the complete processing of EAP authentication ? Nope. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
