Alan DeKok wrote:
Samuel Degrande <[EMAIL PROTECTED]> wrote:
I use EAP-TTLS/PAP between a 802.1X supplicant and a radius
server. I would like to proxy the authentication to an other
radius server. So, is it possible to 'decapsulate' the authentication
protocol from EAP on the first radius server, and only send
user-name/user-password attributes to the central radius server ?
Yes. Put the following into your "users" file to proxy the inner
session for user "bob".
bob FreeRADIUS-Proxied-To == 127.0.0.1, Proxy-To-Realm := "realm"
After an observation of the radius output in debug mode, I did find that
FreeRADIUS-Proxied-To attribute (which is not documented, isn't it ?),
but I was not sure if it was the good way to do it.
Thanks for your reply (and thanks for freeradius :-) )
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
