I'm trying to get Eduroam working on our existing Freeradius service. There are myriad instructions for getting Eduroam working. Unfortunately a majority of them assume you are configuring it to only do Eduroam and nothing else. Currently I am proxying Successfully to Eduroam with the following setup: realm concordia.ca { } realm LOCAL { nostrip } realm NULL { nostrip } realm DEFAULT { pool = EDUROAM-FTLR nostrip } I won't show the pool config for the "DEFAULT" realm. But suffice to say that's working. Also, our legacy users who are authenticating with no realm are working as well. What isn't working are local connections using our local real (u...@concordia.ca) and distant AAA requests from Eduroam. The Eduroam cookbook provides some configs that appear to be helpful. But unfortunately they're so broken I can't even put them in my configuration. What the below configs appear to do is check if they are of realm domain.tld and then switch the Proxy-Realm. But the configs are too broken to work. >From what I understand at the first "if" is missing a double quote, and the second one isn't even evaluating and I can't fix it enough to get the server to restart. I have included my fixes, but as I said the preacct if statement still does not allow the server to restart after the config is included. ORIGINAL authorize { auth_log suffix if (("%{control:Proxy-To-Realm} == "DEFAULT") && (User-Name =~ /.*@.*.domain.tld$/)) { update control { Proxy-To-Realm := NULL } } preacct { detail suffix if ((Proxy-To-Realm = DEFAULT) && (User-Name =~ /.*@.*.domain.tld$/)) update control { Proxy-To-Realm := NULL } } FIXED (???) authorize { auth_log suffix if (("%{control:Proxy-To-Realm}" == "DEFAULT") && (User-Name =~ /.*@.*.domain.tld$/)) { update control { Proxy-To-Realm := NULL } } preacct { detail suffix if ((Proxy-To-Realm == "DEFAULT") && (User-Name =~ /.*@.*.domain.tld$/)) update control { Proxy-To-Realm := NULL } } Nathan Van Fleet Telecommunications Analyst Network Assessment and Integration IITS Concordia University (514) 848-2424 Extension:5434
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html