> i have domain1\user1 and this get radius proxy correctly to the > radius1 server (11.11.11.11) based on ntdomain prefix > have also set the ignore_null = yes > > i have us...@domain1 and this get radius proxy correctly to the > radius1 server (11.11.11.11) based on suffix > have also set the ignore_null = yes > > under /modules/realm > realm ntdomain { > format = prefix > delimiter = "\\" > ignore_default = yes > ignore_null = yes > } > > realm suffix { > format = suffix > delimiter = "@" > ignore_default = yes > ignore_null = yes > } > > > Under proxy.conf > > realm domain1 { > type = radius > nostrip > authhost = 11.11.11.11:1812 > accthost = 11.11.11.11:1813 > secret = secret1 > } > > realm NULL { > type = auth > authhost = 22.22.22.22:1812 > accthost = 22.22.22.22:1813 > secret = secret1 > } > > > Debug > > [ntdomain] No '\' in User-Name = "user2", skipping NULL due to config. > ++[ntdomain] returns noop > [suffix] No '@' in User-Name = "user2", skipping NULL due to config. > ++[suffix] returns noop > [eap] No EAP-Message, not doing EAP > ++[eap] returns noop > ++[unix] returns notfound > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > [pap] WARNING! No "known good" password found for the user. > Authentication may fail because of this. > ++[pap] returns noop > No authenticate method (Auth-Type) configuration found for the > request: Rejecting the user > Failed to authenticate the user. > Using Post-Auth-Type Reject > +- entering group REJECT {...} > [attr_filter.access_reject] expand: %{User-Name} -> user2 > attr_filter: Matched entry DEFAULT at line 11 > ++[attr_filter.access_reject] returns updated > Delaying reject of request 3 for 1 seconds > Going to the next request > Waking up in 0.9 seconds. > Sending delayed reject for request 3 > Sending Access-Reject of id 211 to 3.3.3.3 port 1645 > Waking up in 1.0 seconds. > Cleaning up request 2 ID 210 with timestamp +14 > Waking up in 3.9 seconds. > Cleaning up request 3 ID 211 with timestamp +17 > Ready to process requests. > > i have user2 (without domain) and this get rejected, i want it to send > to radius2 server (22.22.22.22) as defined in the NULL domain as > defined in the proxy.conf. Can advise how to do this?
Remove ignore_null from suffix. Ivan Kalik - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html