Hi all,
I am wondering if someone will be able to point me in the correct direction with a setup I am trying to achieve. Basically we are rolling out a new offering to our customers where we want to have our LAC's query our radius servers which will then proxy requests on to our customer's radius servers based on the domain used in the username. I have got all of the proxy'ing working within radius - nice and easy following the wiki and instructions - thanks. My problem is that the response I send to our LAC has to contain extra information depending on the domain. Is it possible to query a local mysql database for this extra information (these are cisco av pairs needed to establish the tunnels between the LAC and LNS) and add it into the Access-Accept message that is returned to the LAC from the radius? An example would of what I have at the moment is: Sending Access-Accept of id 6 to xx.xx.xx.xx port 51274 Framed-IP-Address = 192.168.0.1 Service-Type = Framed-User Framed-Protocol = PPP Framed-IP-Netmask = 255.255.255.255 Tunnel-Server-Endpoint:0 = "yy.yy.yy.yy" And I need it contain 3 extra lines that would be stored locally (in italics): Sending Access-Accept of id 6 to xx.xx.xx.xx port 51274 Framed-IP-Address = 192.168.0.1 Service-Type = Framed-User Framed-Protocol = PPP Framed-IP-Netmask = 255.255.255.255 Tunnel-Server-Endpoint:0 = "yy.yy.yy.yy" Tunnel-Type:0 = L2TP Tunnel-ID=DEFGH L2TP-Tunnel-Password=ABCDE" This is currently running on FreeRADIUS Version 2.1.7. I have read the documentation and the mailing lists but cant seem to find anyone who has had to do a similar thing. Kind Regards Dan Fisher Technical Manager get your data flowing ... DDI: 020 7099 8985 Tel: 0845 868 7848 Fax: 0845 868 7858 danfis...@fluidata.co.uk <mailto:danfis...@fluidata.co.uk> www.fluidata.co.uk <http://www.fluidata.co.uk/> This message is intended solely for the use of the individual or organisation to whom it is addressed. It may contain privileged or confidential information. If you have received this message in error, please notify the originator immediately. If you are not the intended recipient, you should not use, copy, alter, or disclose the contents of this message. All information or opinions expressed in this message and/or any attachments are those of the author and are not necessarily those of Fluidata Ltd. Fluidata accepts no responsibility for loss or damage arising from its use, including damage from virus.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html