48 lines
1.0 KiB
Plaintext
48 lines
1.0 KiB
Plaintext
# -*- text -*-
|
|
######################################################################
|
|
#
|
|
# This is a virtual server that handles *only* inner tunnel
|
|
# requests for EAP-TTLS and PEAP types.
|
|
#
|
|
# $Id: 1ce4137d5f93ff65a92ebaac676690cc718846ad $
|
|
#
|
|
######################################################################
|
|
|
|
server proxy-inner-tunnel {
|
|
|
|
#
|
|
# This example is very simple. All inner tunnel requests get
|
|
# proxied to another RADIUS server.
|
|
#
|
|
authorize {
|
|
#
|
|
# Do other things here, as necessary.
|
|
#
|
|
# e.g. run the "realms" module, to decide how to proxy
|
|
# the inner tunnel request.
|
|
#
|
|
|
|
update control {
|
|
# You should update this to be one of your realms.
|
|
Proxy-To-Realm := "example.com"
|
|
}
|
|
}
|
|
|
|
authenticate {
|
|
#
|
|
# This is necessary so that the inner tunnel EAP-MSCHAPv2
|
|
# method can be called. That method takes care of turning
|
|
# EAP-MSCHAPv2 into plain MS-CHAPv2, if necessary.
|
|
eap
|
|
}
|
|
|
|
post-proxy {
|
|
#
|
|
# This is necessary for LEAP, or if you set:
|
|
#
|
|
# proxy_tunneled_request_as_eap = no
|
|
#
|
|
eap
|
|
}
|
|
}
|