Hi, I have set up two FreeRADIUS (0.8.1, Debian packages recompiled) servers, with a MySQL replicating backend. Since we provide a local PoP for a national ISP, I need to proxy requests to their RADIUS server. The problem is, they don't use any realm for their users. The best solution would have been thus (IMHO) to try to authenticate from the SQL DB, and if that failed, to forward the request to their RADIUS. But no matter what I tried, FreeRADIUS seems to insist to fail the authentication as soon as one of the authentication methods fails. Is there a way to get around this behaviour ? It is a big PITA in our setup. At the moment, we're relying on terrible hacks who scare the hell out of me, and I really would want to get rid of them (and yes, I did try to RTFM, but wasn't able to find that in the docs. Trying to put a proxy configuration for realm NULL and putting 'suffix', then 'sql' in the 'authorize' section denies access to our local users, inverting the methods called in 'authorize' results in the non-local ones being unrecognized. This really drives me nuts)...
Another question is about post-proxying : I originally configured the RADIUS to send back a 'Framed-IP-Address' parameter based on the port number of the NAS (avoids me the hassle of rummaging through the radacct logs to find who had that IP at that hour), and an 'Ascend-Maximum-Channels' parameter to please the broken NAS. The home server, of course, doesn't, and (again) I've been unable to find any information about mangling server responses except two short posts on the mailing list saying these functions should be available in the pre-0.8 snapshots[1]. Fine ! I run on 0.8.1, so I should have those magical functions, but I didn't find them, even after grepping the docs directory like a maniac. Could someone just point me at the right document ? [1] http://www.mail-archive.com/freeradius-users@lists.cistron.nl/msg11563.html Regards, -- [ Jacques Caruso <[EMAIL PROTECTED]> Développeur PHP ] [ Monaco Internet http://monaco-internet.mc/ ] [ Tél : (+377) 93 10 00 43 Clé PGP : 0x41F5C63D ] [ -+- Support bacteria! They're the only culture some people have. -+- ] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
