On Thu, 4 Apr 2002, Erling Paulsen wrote: > Hello listusers, > > I run v.0.5 with 2 realms forwarded to Merit based RADIUS servers and DEFAULT > no relmed requests to an Active Directory box. It runs on FreeBSD 4.5 in a > chrooteed environment. > > All well, bells and trumpets, and then.. now I really need some help, and I > would appreciate it, if someone could give me some hints. > > Problem scenario as follows: > radiusd binds itself to IP address "B" on the NIC. It recieves requests on > "B" and forwards request on "B" to its external RADIUS (merit based) > authenticators (charmingly). However, when requests that needs to be forwarded > by the rlm_ldap module to the MS Active Directory server, the module forwards > the request on IP address "A" (the primary IP of the NIC, and not the one > radiusd is binded to - address "B"). I REALLY need to have the request come > from the same IP as the radiusd, because of some access lists out of my > control. > > Even direct me to somewhere in the module source-code so I can make a hack! > > BTW: FreeRADIUS is a great effort, well done! > Desperately, Erling Paulsen, Norway > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I don't think it can be done. I don't know of any way to set the source ip in the ldap requests when using the ldap api. I may be wrong though. I believe you could just use the firewalling facility of freebsd to route the ldap requests through int B instead of A. -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 10 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html