> On 2014. okt. 21., at 10:08, Frank Tamás <[log in to unmask]> wrote:
>
> The following scenario seems a bit better.
>
>> 2. I also want to make our trust router (ms-tr.aai.niif.hu) to work, but it is not so easy :)
>> When I try from our RP proxy (this is the same RP as above) the following
>>
>> freerad@ms-rp:~$ tidc ms-tr.aai.niif.hu ms-rp.aai.niif.hu apc.moonshot.ja.net apc.moonshot.ja.net
>>
>> I get the following error:
>
>
> {"msg_type": "tid_response", "msg_body": {"result": "error", "err_msg": "Can't forward request to next hop TIDS", "comm": "apc.moonshot.ja.net", "rp_realm": "ms-rp.aai.niif.hu", "target_realm": "apc.moonshot.ja.net"}
> tr_msg_decode_tidresp(): Error! result = error.
> Response received! Realm = apc.moonshot.ja.net, Community = apc.moonshot.ja.net.
> tidc_resp_handler: Response is an error.
Ok, it works with the following parameters:
freerad@ms-rp:~$ tidc ms-tr.aai.niif.hu ms-rp.aai.niif.hu dev.ja.net apc.moonshot.ja.net
And I have managed to ssh our SP via our RP+TR with user: [log in to unmask] :)
Thanks.
-Tamas
|