I'm hoping to simply my users file, and I'm hoping someone can help. Right now I have something like the following.
users file: --------- user01 Auth-Type:=Accept, Huntgroup-Name=="Office", Hint==Port-1812 Connect-Info="OFFICE_NET" user01 Huntgroup-Name=="Office", Hint==Port-1645, Proxy-To-Realm := PROXY_GW Connect-Info="OFFICE_NET" hints: ----- DEFAULT User-Name =~ "^(.*)$" Hint = "Port-%{request:Packet-Dst-Port}" proxy.conf: ---------- proxy server { synchronous = no retry_delay = 5 retry_count = 1 dead_time = 300 default_fallback = yes # enable post_proxy_authorize to get our local radius instance to # send back the connect-info on successful auth post_proxy_authorize = yes } realm PROXY_GW { type = radius authhost = 10.1.2.3:1812 secret = mys3kr1t } Basically, if "user01" connects on port 1812, all we do is the authorize step. If they're in the users file, they get access. If not, they don't. If "user01" connects on port 1645, we want to proxy their authentication to another radius server, and we want to do authorization locally against this file. So, right now, for every huntgroup/connect-info pair, I have *two* entries in the users file. One is for Port-1812, the other for Port-1645. So the question of the hour is: Is there something nifty I can do to eliminate the need for *two* nearly-identical entries for each user? Thanks! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html