Michael Schlies wrote: > Hello all, > I seem to be running into an issue with a RADIUS setup I am doing. I am > setting up a server that hosts 5 radius instances in 1.x and does realm > proxying to 4 of them but uses one realm (realm 'a.com' in this case) as > its default. so if requests for 'b.com', 'c.com', etc come in they get > relayed on to their radius server and that result is relayed back to the > NAS. In 2.0 I want to merge these separate instances into a single > instance using virtual servers. The problem I am running into is I can > see that accounts are being successfully authenticated on the virtual > servers however the home server is returning Access-Reject unless the > user authenticated is one of its local users...
So... update your policies so that it doesn't do user lookups for proxied packets. > Mon Oct 12 13:39:45 2009 : Debug: rlm_sql (sql-a): User found in group > DISABLED That would seem to be definitive. Why are you disabling users when you want them to be authenticated? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html