Hello,
I would appreciate some hints about the following scenario (on Debian 7). I've installed the moonshot library, configured ssh server and radius with local users, and if I try to ssh to this server it works fine: I can login using moonshot identity selector, I get the right prompt on the remote machine, so it is ok. I also configure radius server to proxy the authentication requests coming not with local realms, but I always get Access-Reject form my eduroam home IdP. If I test it with eapol_test, works fine with the same radius server. I think the problem is that home eduroam IdP needs anonymous user to start the real authentication process, but with identity selector it is not possible to send it.
Do you have any idea how it can be configured to work properly? Is it possible to inject the anonymous user to the process, eg. in radius pre-proxy section? Or something else can be misconfigured?
thanks,
Tamas
--
FRANK, Tamás
NIIFI, Hungary
|