Phil Mayers wrote: > [peap] Got tunneled request > EAP-Message = 0x02090006031a > > 0x03 == 3 = NAK, 0x1a == 26 == MS-EAP (SoH, I think?)
That's EAP-MSCHAP-v2. > ...which the proxy server then rejects: > > rad_recv: Access-Reject packet from host 155.97.185.76 port 1812, id=71, > length=49 > Proxy-State = 0x313232 > EAP-Message = 0x04090004 > > So the solution is simple - if you're going to proxy the inner auth, > ensure the client inner auth method and upstream proxy auth method are > mutually compatible. i.e. set "proxy_tunneled_request_as_eap = no" Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html