Phil Mayers wrote:
Related; how would you envisage FreeRadius presenting the presence of
1 authentication exchange inside the tunnel? Presumably the same issue
exists with the EAP-TNC inside TTLS method.
Code has to be written to support it.
Given the virtual server stuff in 2.x, this
fuki wrote:
... According the specification PEAP v0 is used by
Vista, so it should be possible to use FreeRadius as proxy to decrypt the
packages, to analyze the health state (has to be implemented) and to proxy
the inner EAP-MSCHAP to another radius server?
Yes. But I think some code may
the FreeRADIUS proxy has to be configured?
Your help would be much appreciated, Thanks Fuki
--
View this message in context:
http://www.nabble.com/Terminate-TLS-and-proxy-PEAP-tf4434055.html#a1264
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See
On Thu, 2007-09-13 at 01:25 -0700, fuki wrote:
Hi
At the moment I use FreeRADIUS to proxy eap peap mschapv2 request to a
RADIUS server for authentication. The connecting machine submits in addition
to the authentication information, some
information about it's health state encrypted in the
Phil Mayers wrote:
In particular if you are talking about the Vista built-in health check
packets, that uses PEAPv2 which FreeRadius doesn't support, and you
won't be able to terminate.
I'm trying to get PEAPv2 patches from someone who claims they had it
working a few years ago.
Alan
On Thu, 2007-09-13 at 11:01 +0200, Alan DeKok wrote:
Phil Mayers wrote:
In particular if you are talking about the Vista built-in health check
packets, that uses PEAPv2 which FreeRadius doesn't support, and you
won't be able to terminate.
I'm trying to get PEAPv2 patches from someone
to decrypt the
packages, to analyze the health state (has to be implemented) and to proxy
the inner
EAP-MSCHAP to another radius server?
--
View this message in context:
http://www.nabble.com/Terminate-TLS-and-proxy-PEAP-tf4434055.html#a12651948
Sent from the FreeRadius - User mailing list archive
On Thu, 2007-09-13 at 02:56 -0700, fuki wrote:
Phil Mayers wrote:
On Thu, 2007-09-13 at 01:25 -0700, fuki wrote:
You can certainly terminate the PEAP and still proxy the inner
EAP-MSCHAP to another radius server; however as far as I am aware,
FreeRadius doesn't yet have support
to configure the FreeRadius proxy?
--
View this message in context:
http://www.nabble.com/Terminate-TLS-and-proxy-PEAP-tf4434055.html#a12653324
Sent from the FreeRadius - User mailing list archive at Nabble.com.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
9 matches
Mail list logo