On 01/03/2012 10:14 AM, Phil Mayers wrote:
On 01/03/2012 07:40 AM, Arnaud Loonstra wrote:
However it only executes the authorize section of the nas-auth virtual
server.
Yes. That is how that feature works.
I could create realms for the virtual servers and proxy to them by
using Proxy-To-Realm := "mac-auth" instead of the server[] directive.
Do this. It's works much closer to what you want, AFAICT.
[snip]
Ok, thanks for the feedback. I'll stick with realm proxying when I have
to process lots of different radius requests (== more complex setup). In
my current case I only need to do NAS-prompt login, MAC-Auth and the
rest is just handled default (802.1x, general auth, accounting).
I'm going to do just some unlang fu in authorize and post-auth. I reckon
it's more efficient than proxying...
Rg,
Arnaud
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
