Hi all We have a radius setup that we use to authenticate our own adsl users as well as proxying radius to 2 other sources. Our own radius entries use a realm after each username, a typical entry is:
############ [EMAIL PROTECTED] Password == secret Service-Type = Framed-User, Framed-Protocol = PPP, Framed-Address = 10.0.0.3, Framed-Netmask = 255.255.255.255, Framed-Compression = Van-Jacobsen-TCP-IP ########### Is there a way of getting radius to authenicate on the username before the @ sign and ignore the realm? Obviously if the realm is one that we proxy then it should be proxied as such and any that aren't in the proxy.conf file authenticated locally. This may sound like an odd request but in the case of users typing the realm incorrect but the username is Ok they can be authenticated still. Since we only get sent authentication requests from realms that belong to us or the people we proxy for locally it doesn't really matter what the realm is, the user still has to have the correct password to authenticate. In the case the user is one we proxy and the user types the realm incorrect then they just won't be authenticated since it wouldn't be proxied and the username would not exist in our radius users file, this is fine. I've tried adding "strip" to the LOCAL entry in proxy.conf and also just adding the entry: ############ user1 Password == secret Service-Type = Framed-User, Framed-Protocol = PPP, Framed-Address = 10.0.0.3, Framed-Netmask = 255.255.255.255, Framed-Compression = Van-Jacobsen-TCP-IP ########### to the radius users file but it won't authenticate. Thanks Tony - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html