On Tuesday 25 April 2006 01:43, TS wrote: > > What does debugging mode say? > > Exactly what you'd expect it to say if the realm isn't in proxy.conf: > > ##### > rad_recv: Access-Request packet from host 127.0.0.1:33499, id=115, > length=68 User-Name = "[EMAIL PROTECTED]" > User-Password = "acc355" > ... > > The user doesn't exist as the entry in users just has the username as > "user1" and the request is sending [EMAIL PROTECTED]
The original users example you posted had the username of "[EMAIL PROTECTED]" with a password of "secret". Here you say the users file has just "user1". Which is correct? > I want radius to first check to see if the request needs to be proxied. It will do this if you have a realm module listed in the authorize section. The suffix realm module is listed in the default config. > If not then authenticate it locally no matter what the realm is but before > authenticating it strip off the realm and just use everything before the @ > sign as the username. Alan's hint to use LOCAL is still correct. If you know the realms people will be using, you can list them in the proxy.conf file. If you want to catch any realm not already defined and send that to local auth, that is pretty easy to accomplish. Please read doc/proxy for a better understanding of how realms work with proxying, and also how the 2 special realms work. If you're still stumped, post back with your questions. Kevin Bonner
pgpQo5jKw4rh6.pgp
Description: PGP signature
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
