I wrote a little module for freeradius that is forwarding the incoming authentication requests to another server (to do the authentication). However I have to support proxying (in case there is a 3rd party RADIUS server).
I can not take advantage of realms, because the users are login without any realm suffixes, prefixes, etc. (User bob simply uses username 'bob'). The problems is that bob can be a valid user on our server as well on the 3rd party RADIUS server. I tried to experiment with the Proxy-To-Realm attribute in the users file, but haven't had any luck either. Here is what I m trying to do: use my module rlm_xxx to authenticate user bob - if success i don't need anything else - if failure i want to proxy the authentication request to a 3rd party RADIUS server - if the authentication on the 3rd party RADIUS server succeeds I registered a post-proxy function in my module, where I m decreasing failed authentication count on the first server All these steps are working (separatelly) , but I m not able to make them work together, i.e. my authentication works, but no proxying, or the proxying works (when i setup the 3rd party RADIUS in the NULL realm) - but then my authentication against the first server is not called at all (my modules authenticate function is not called), the request is proxied without attempting my authentication function, only the post-proxy function on my module is called. I wonder if you could suggest how to configure freeradius to achieve what I m trying to do (if it is possible at all of course), cheers, martin - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html