a.l.m.bu...@lboro.ac.uk [a.l.m.bu...@lboro.ac.uk] wrote: > how did you configure the server...from scratch or copy pasting bits over > from a 2.x ?
It's a mongrel, not an alteration of fresh 3.0. It was working on a pre-talloc 3.0 development branch. > does this 'eap' module use its own virtual_server or does it inherit the > virtual_server that > instigated it (you have no 'virtual_server = "blah"' line in your peap{} > section...so i assume > its using eduroam_idp VS for the unwrapping?) There's only one incestuous server clause, and only one EAP configuration block, yes. I tried to replicate on a test server with lightly modified 3.0 stock configs. The error only happens when everything is running through the same server/eap instances, so good instincts there. Replicating it is easy: just uncomment the peap virtual-server directive and add at the top of authorize: if (Freeradius-Proxied-To == "127.0.0.1") { update control { Proxy-To-Realm = example.com } } ...and it doesn't matter that example.com defaults to home_server localhost, it does not get that far. I believe it is the way it is because at some point we were having trouble using outer.request and such between virtual servers. I'll have to test those and see if that limitation is still in effect. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html