Re: can i set attribute after the proxy server authenticated the user information?
At 11:07 PM 12/22/2002 -0800, you wrote:
I've downloaded freeradius0.8.1 and installed it on a
FreeBSD 4.4 pc.
I added the following lines in the config file hints
DEFAULT Suffix = @test1.vpdn, Strip-User-Name = No
Hint = PPP,
Service-Type = Framed-User,
Framed-Protocol = PPP,
cisco-avpair = lcp:interface-config=ip vrf
forwarding vrf1\\n ip unnumbered loopback1\\n peer
default ip address pool vpn1
# the last line is a set of command for the cisco
router as NAS
lines in proxy.conf
realm test1.vpdn {
type= radius
authhost= 211.xx.xx.93:1812
accthost= 211.xx.xx.93:1813
secret = WinRadius
}
# i dont want the radius server 211.xx.xx.93 to return
any attribtes about NAS because it belongs to our
customer.
now, the result is:
the customer's radius server successfully
authenticated the request from freeradius server, but
i lose the attributes added in the file hints.
can i do anything to override the customer's radius's
returned attributes?
See if rlm_attr_filter will do what you need.
Chris
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: can i set attribute after the proxy server authenticated the user information?
Huang Zhong [EMAIL PROTECTED] wrote: I added the following lines in the config file hints ... now, the result is: the customer's radius server successfully authenticated the request from freeradius server, but i lose the attributes added in the file hints. I'll bet money it's because you don't have a 'Hints == PPP' entry in the 'users' file. See how the distributed file uses hints... Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
can i set attribute after the proxy server authenticated the user information?
I've downloaded freeradius0.8.1 and installed it on a
FreeBSD 4.4 pc.
I added the following lines in the config file hints
DEFAULT Suffix = @test1.vpdn, Strip-User-Name = No
Hint = PPP,
Service-Type = Framed-User,
Framed-Protocol = PPP,
cisco-avpair = lcp:interface-config=ip vrf
forwarding vrf1\\n ip unnumbered loopback1\\n peer
default ip address pool vpn1
# the last line is a set of command for the cisco
router as NAS
lines in proxy.conf
realm test1.vpdn {
type= radius
authhost= 211.xx.xx.93:1812
accthost= 211.xx.xx.93:1813
secret = WinRadius
}
# i dont want the radius server 211.xx.xx.93 to return
any attribtes about NAS because it belongs to our
customer.
now, the result is:
the customer's radius server successfully
authenticated the request from freeradius server, but
i lose the attributes added in the file hints.
can i do anything to override the customer's radius's
returned attributes?
thank you all.
__
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
