> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Alan DeKok > Sent: Sunday, February 15, 2004 12:09 PM > To: [EMAIL PROTECTED] > Subject: Re: No attributes after proxy autentication > > "Troy Settle" <[EMAIL PROTECTED]> wrote: > > After some 4 years, I'm back to looking at freeradius, and > while I found > > the configuration daunting at first, I quickly got it > trimmed down to > > the bare essentials of what I need (which is authorization > only). Great > > job, the configuration syntax is fairly easy to get once all the > > commentary and useless crap has been cut out of the config files. > > It's called "documentation" :)
Yeah, I know, but I'm not sure which is more daunting... Complex software with no documentation, or copmlex software with as much documentation as FreeRadius has. When I'm done with my migration, I think I may look into contributing on the documentation (which I actually intended to do when this project first got off the ground 4 years ago). > > > Authentication reqeusts are being successfully proxied out > to the master > > servers (the VISP), but the freeradius server is ignoring > the attributes > > set in the users file (such as static IPs), even though it > clearly says > > it matched. > > By default, the reply from the home server is taken as the basis for > the reply to the NAS. The local attributes are also added. > > > modcall[post-proxy]: module "attr_filter" returns updated for > > request 0 > > I would suggest double-checking that configuration. It's deleting > the attributes from the home server. Actually, this is the behavior I want (for now). I want complete control over all the attributes myself (static IP assignments, filters, reply messages, etc). The only thing I want from the home server, is password authentication. > > > authorize: Skipping authorize in post-proxy stage > > See "post_proxy_uses", to add local attributes to the reply to the > NAS. Yup, I changed this back to 'yes' after doing some more digging, and the desired behavior came back. I did try to add 'files' to post-proxy, but apparently 'files' doesn't have a hook for this. No big deal, as long as the backwards compatibility stays in. -- Troy Settle Pulaski Networks http://www.psknet.com 540.994.4254 ~ 866.477.5638 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html