Have you tried with pre-proxy and attr_rewrite? I?m trying but
attr_rewrite
module is not called (/usr/sbin/freeradius -x). I don?t know why.
No I haven't.
use -X instead -x, it'll show lot of things
and have u included that in the preproxy section in radiusd.conf
Sergio.
but when I
: miércoles, 10 de diciembre de 2003 7:37
Para: [EMAIL PROTECTED]
Asunto: Re: filtering attributes in proxy
Have you tried with pre-proxy and attr_rewrite? I?m trying but
attr_rewrite
module is not called (/usr/sbin/freeradius -x). I don?t know why.
No I haven't.
use -X instead -x, it'll show
Hello, Collegues!
I'm using freeradius-0.7.1. I'm trying to configure this freeradius
as proxy server to remote.
--
rad_recv: Access-Reject packet from host 195.123.5.10:1288, id=1, length=48
Ignoring request from unknown proxy 195.123.5.10:1288
--
Host 195.123.5.10 was configured
Hi Alex,
did u check clients.conf ?
Thomas .
Alex Radetsky wrote:
Hello, Collegues!
I'm using freeradius-0.7.1. I'm trying to configure this freeradius
as proxy server to remote.
--
rad_recv: Access-Reject packet from host 195.123.5.10:1288, id=1, length=48
Ignoring request from unknown
On Wed, Dec 10, 2003 at 03:56:45PM +0200, Alex Radetsky wrote:
Hello, Collegues!
I'm using freeradius-0.7.1. I'm trying to configure this freeradius
as proxy server to remote.
--
rad_recv: Access-Reject packet from host 195.123.5.10:1288, id=1, length=48
Ignoring request from
On Wed, Dec 10, 2003 at 03:11:42PM +0100, Thomas MARCHESSEAU wrote:
Hi Alex,
did u check clients.conf ?
[EMAIL PROTECTED] bin]# grep 195.123.5.10 /usr/local/radius-proxy/etc/raddb/*
clients: 195.123.5.10 123
clients.conf: client 195.123.5.10 {
proxy.conf: authhost
On Wed, Dec 10, 2003 at 04:18:30PM +0200, Alexey Balabushevich wrote:
I'm using freeradius-0.7.1. I'm trying to configure this freeradius
as proxy server to remote.
--
rad_recv: Access-Reject packet from host 195.123.5.10:1288, id=1, length=48
Ignoring request from unknown proxy
it mean? Does some one proxy exist between my and remote radius?
Is it correct?
PS. I can rewrite this code to create workaround. But I do not know, may
be it will not correct.
--
Alex Radetsky
AR2657-RIPE
RAD-UANIC
-
List info/subscribe/unsubscribe? See http
:
On Wed, Dec 10, 2003 at 03:11:42PM +0100, Thomas MARCHESSEAU wrote:
Hi Alex,
did u check clients.conf ?
[EMAIL PROTECTED] bin]# grep 195.123.5.10 /usr/local/radius-proxy/etc/raddb/*
clients: 195.123.5.10 123
clients.conf: client 195.123.5.10 {
proxy.conf: authhost = 195.123.5.10:1812
proxy.conf
Alex Radetsky [EMAIL PROTECTED] wrote:
I'm using freeradius-0.7.1. I'm trying to configure this freeradius
as proxy server to remote.
Upgrade to 0.9.3. Please.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alex Radetsky [EMAIL PROTECTED] wrote:
So, if radius got packet from remote server with configured source_ip and
port, radiusd marks it as active.
But in my case, radius got packet from configured source_ip, but another
port.
What does it mean?
It means that the server you're
At 11:59 PM 12/8/2003, denz wrote:
but when I start the server I get this message ant the end, and server
exits.
Module: Instantiated attr_filter (attr_filter)
radiusd.conf: attr_filter modules aren't allowed in 'pre-proxy'
sections -- they have no such method.
shrug Edit
Have you tried with pre-proxy and attr_rewrite? I?m trying but attr_rewrite
module is not called (/usr/sbin/freeradius -x). I don?t know why.
Sergio.
-Mensaje original-
De: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] nombre de Chris
Parker
Enviado el: martes, 09 de diciembre de 2003
but when I start the server I get this message ant the end, and server
exits.
Module: Instantiated attr_filter (attr_filter)
radiusd.conf: attr_filter modules aren't allowed in 'pre-proxy'
sections -- they have no such method.
shrug Edit the source code for attr_filter
Gary Algier [EMAIL PROTECTED] wrote:
I am trying to figure out how to automatically proxy based upon criteri
in the users file.
Use the Proxy-To-Realm attribute:
bob Proxy-To-Realm := realm
I can see how I can check the NAS-IP-Address, but then
I don't know how to control where
Hello,
I have found that the backup server of my client is never used when the his
main server is down.
Another strange behaviour is that the reject is not answered on a timeout
but on receipt of the next authentication request, even if it comes one hour
after !
To solve the problem I have
I want any username like [EMAIL PROTECTED] to be proxied to
an existing radius server.
I have added
realm mydomain.net {
type = radius
authhost = 192.168.69.10:1645
accthost = 192.168.69.10:1646
secret = ascend
}
to my proxy.conf file. It still tries to authenticate
Anson Rinesmith [EMAIL PROTECTED] wrote:
to my proxy.conf file. It still tries to authenticate locally. I was told
not to put anything in my realms file.
What am I missing?
Read the output of radiusd -X. It will tell you WHY it is, or is
not, proxying.
Alan DeKok.
-
List
Hi:
I am trying to figure out how to automatically proxy based upon criteri
in the users file.
For example:
I have a user gary who logs in on a particular NAS (let us say
on IP 192.168.1.1). When he does so, his authentication should
be passed off to the radius server at 192.168.2.1
denz [EMAIL PROTECTED] wrote:
but when I start the server I get this message ant the end, and server
exits.
Module: Instantiated attr_filter (attr_filter)
radiusd.conf: attr_filter modules aren't allowed in 'pre-proxy'
sections -- they have no such method.
shrug Edit the source code
At 10:43 AM 12/4/2003, Alan DeKok wrote:
denz [EMAIL PROTECTED] wrote:
but when I start the server I get this message ant the end, and server
exits.
Module: Instantiated attr_filter (attr_filter)
radiusd.conf: attr_filter modules aren't allowed in 'pre-proxy'
sections -- they have
For example of proxy configuration... let say login
as [EMAIL PROTECTED], Is it possible
for Freeradius to strip the username (user1) and proxied to other radius server
using "abc.com.my" only...
thanks..
--haizam
I have put my realm in the realms file: bigrivertel.net
192.168.69.10
When I run radiusd X, I get the
following error:
/usr/local/etc/raddb/realms[28]: Cannot find 'clients' file
entry of remote server 209.16.220.10 for realm bigrivertel.net
Errors reading realms
Errors reading
Anson Rinesmith [EMAIL PROTECTED] wrote:
I have put my realm in the realms file: bigrivertel.net
192.168.69.10
You've also got to list it in the 'clients' file, OR use the
proxy.conf file.
/usr/local/etc/raddb/realms[28]: Cannot find 'clients' file entry of remote
server 209.16.220.10 for
PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok
Sent: Wednesday, December 03, 2003 2:56 PM
To: [EMAIL PROTECTED]
Subject: Re: proxy
Anson Rinesmith [EMAIL PROTECTED] wrote:
I have put my realm in the realms file: bigrivertel.net
192.168.69.10
You've also got to list
When I remove the realms entry, it tries to authenticate locally, when
watching 'radiusd -X'
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alan DeKok
Sent: Wednesday, December 03, 2003 3:38 PM
To: [EMAIL PROTECTED]
Subject: Re: proxy
Anson Rinesmith
I need to remove the attribute
Calling-Station-Id = xxx
from the requests before passing it to the remote radius server.
Use rlm_attr_filter in pre-proxy.
I modified the radiusd.conf as suggested,
pre-proxy {
attr_filter
# If you want to have a log
Hi there,
I'm doing testing in preparation to upgrade a server from 0.5 to 0.9.3,
and I've run into an issue with Cisco's auth-proxy feature. Under 0.5,
it's been working. Upon successful authentication, the radius server
sends back the proper Cisco-AVpairs for a temporary ACL. I have a debug
Ben Hockenhull [EMAIL PROTECTED] wrote:
Under 0.9.3, only the first AVPair is sent back. I'm not sure why.
Read the 'man' page for the 'users' file. I think it's also in the
FAQ.
Try '+=', instead of '='.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
Make sure when you install the new server you get the new man pages as well.
Alan DeKok wrote:
Ben Hockenhull [EMAIL PROTECTED] wrote:
Under 0.9.3, only the first AVPair is sent back. I'm not sure why.
Read the 'man' page for the 'users' file. I think it's also in the
FAQ.
Try '+=',
hi everyone!
The Curent problem :
I've got a radius sever(some
Old radius server) configured with a NAS. I want to pass MSISDN from NAS
to radius. But the problem is when I pass that attribute, the Authentication
process stops.
Solution
I'm thinking of running a
freeradius in proxy
denz [EMAIL PROTECTED] wrote:
I've got a radius sever(some Old radius server) configured with a
NAS. I want to pass MSISDN from NAS to radius. But the problem is when I
pass that attribute, the Authentication process stops.
I doubt that very much.
Read the FAQ about posting questions
Hi,
Radius Server 1 -- Free Radius -- Radius Server 2
I control the Free Radius server, which serves as a proxy. I need to modify
a radius attribute value that is incoming from Radius Server 1 before it is
being send to Radius Server 2. How can I do that?
I'm using rlm_perl, so if it can
I've been asked if the following is possible. We operate a pair of
radius servers that proxy several realms to their respective home
servers. We need to limit their users access based on
Called-Station-ID. When the Auth request comes in from the NAS, I need
to be able to consult a (possibly
Mark Moody [EMAIL PROTECTED] wrote:
We need to limit their users access based on Called-Station-ID.
When the Auth request comes in from the NAS, I need to be able to
consult a (possibly large) list of access numbers and determine if
the user called an approved number, if so allow the request
access at a proxy server based on Called-Station-ID
Mark Moody [EMAIL PROTECTED] wrote:
We need to limit their users access based on Called-Station-ID.
When the Auth request comes in from the NAS, I need to be able to
consult a (possibly large) list of access numbers and determine if
the user
I am not sure how to achieve this using rlm_attr_rewrite (probably
others can help), but you can write your own post-proxy method. Add
that module in the post-proxy section of radius.conf, so that your
post-proxy method is called whenever the Radius server receives a reply
for the proxied request
Sorry, I don't know how to make it work. Could you
tell me more about it ?
I use freeradius to be a proxy
server. A === MySite
= B
I want each Auth-Reply to be one of below
cases.
1. If the Session-Timeout is defined and the value
is great than 0, proxy the reply-packet without
, but there is
special group of users which want duplicate his accounting info to non
local server, but authorize locally. i create prefix for this group and
i add it into proxy configuration with two accthost entries.
now i need strip suffix for this special group before authorization,
because i don't want store
Hello~
May I addan
attribute "session-time" into a proxy-replypacketif the value of
"session-timeout" is not assigned
before I reply it to
another radiusd server ?
Thanks a lot
~
rlm_attr_filters may work?
Liyan Tan
[EMAIL PROTECTED]2003-11-13
Artur
I made a mistake editing that mail last night.
200.193.87.129 has no relation to problem related. It's another server
for tests.
my problem is: the proxy server doesn't send acct (accounting) packets
to 200.180.55.65 server.
Justo know:
200.180.22.15 is the RAS that consult only
ok
looking at your radiusd.conf file, i wonder if you have to add a preacct
section with a suffix module in it in order to look up the realms.
otherwise it seems ok to me.
ciao
artur
I made a mistake editing that mail last night.
realm dimapel.com.br {
type= radius
=?ISO-8859-1?Q?Jefferson_D=FCmes?= [EMAIL PROTECTED] wrote:
Freeradius 0.8 doesn't send account packet's to other freeradius.
It does if you've configured it correctly.
No erros in log files.
Someone give me an idea.
Since you haven't followed the directions in the FAQ for problem
Hi Alan
Would you show me where is some kind of reference of the problem I
reported ???
I'm not an radius expert, but I already used a cistron (patched to log
in mysql) and icradius. In this two server, I just say to do proxy to
some server and it does it (auth ant acct).
I agree
=?ISO-8859-1?Q?Jefferson_D=FCmes?= [EMAIL PROTECTED] wrote:
I'm not an radius expert, but I already used a cistron (patched to log
in mysql) and icradius. In this two server, I just say to do proxy to
some server and it does it (auth ant acct).
FreeRADIUS does that, too.
I'm looking
- radiusd.conf
- console out of radiusd -X (of proxy server)
Obs.: I didn't put radiusd -X console out of realm server. Because I
used iptraf -i on the realm server and theres's no acct packet comming
from proxy server.
$ cat proxy.conf | grep -v # $$$
proxy server
(B
(B
(BIs it possible to haveONE radius
(Bserver query TWO databases in the same server for requests for different
(Brealms?
(B
(BFor example if I hadtwo
(Brealms
(B
(B
(Bdialup.someisp.net
(Badsl.someisp.net
(B
(Band both realms came into the same radius
(Bserver, and I had
On Fri, 24 Oct 2003, CW wrote:
Is it possible to have ONE radius server query TWO databases in the same
server for requests for different realms?
For example if I had two realms
dialup.someisp.net
adsl.someisp.net
and both realms came into the same radius server, and I had two mysql
the radtest to our windows radius server
it goes through ok so I know it works.
I setup the proxy, but two questions. Do I have the hotspot send auth and acct
to the default port of 1814? Or 1812 and 1813?
Also, My error I get in the radius
log is
Wed Oct 22 14:39:22 2003 : Error: Ignoring request
Thanks for your advise.
It works for Authentication, but Accounting.
If I want to proxy accounting packets with these rulers, what should I do ?
1.proxy accounting packets which realm ends with .us to serverATus.
2. proxy accounting packets which realm ends with .jp to serverATjp.
Thanks a lot
At 09:58 PM 10/15/2003, you wrote:
I tried to set the Radius server (0.9.1 on Red Hat 9) so it can do
proxy. I use the sql module for authentication (mysql).
I have two users, [EMAIL PROTECTED]' and 'alex_chen'. in the DB.
I setup the proxy.conf like the followings so that if the proxy server
I have a proxy server configured to proxy to the NULL realm.
This has worked fine until recently when it has started to silently drop
RADIUS requests rather than forward them. The NAS does not recieve any
response and so rejects users.
My hypothesis is that the RADIUS server it is proxying
at least help
you test your hypothesis.
HTH,
Chris
At 10:57 AM 10/16/2003, you wrote:
I have a proxy server configured to proxy to the NULL realm.
This has worked fine until recently when it has started to silently drop
RADIUS requests rather than forward them. The NAS does not recieve any
response
I tried to set the Radius server (0.9.1 on Red Hat 9) so it can do
proxy. I use the sql module for authentication (mysql).
I have two users, [EMAIL PROTECTED]' and 'alex_chen'. in the DB.
I setup the proxy.conf like the followings so that if the proxy server
192.168.1.12 fails, it will try
Dear All:
I have 2 Radius
Servers, R1, R2, and each server maintains its own user data.
I hope to use the
realm "@myrealm" for each user.
I built a proxy server
with freeradiusd 0.9.0 to be a dispatcher.
The trouble is I can't
identify a user is belong to R1or R2.
Can someone please briefly indicate the expected behaviour of FreeRADIUS
where a realm has a single instance of a {auth|acct}host is specified,
but this server has been marked dead owing to inactivity?
My reading of the source suggests to me that it will get dropped
silently, but I would
that it will get dropped
silently, but I would appreciate an educated opinion!
By it I mean a RADIUS packet that the proxy FreeRADIUS server has
recieved.
josh.
--
---
Josh Howlett, Networking Digital Communications,
Information Systems
Josh Howlett [EMAIL PROTECTED] wrote:
My reading of the source suggests to me that it will get dropped
silently, but I would appreciate an educated opinion!
Pretty much. Sending a reject request may be friendlier, though.
Alan DeKok.
-
List info/subscribe/unsubscribe? See
On Tue, 2003-10-14 at 15:22, Alan DeKok wrote:
Josh Howlett [EMAIL PROTECTED] wrote:
My reading of the source suggests to me that it will get dropped
silently, but I would appreciate an educated opinion!
Pretty much. Sending a reject request may be friendlier, though.
Yes. It would be
methods that can be deployed on whatever
legacy RADIUS server and use of FREERADIUS as a proxy to take advantage
about security in shared media environments.
Pleas comment.
Regards
Roman
-Puvodní zpráva-
Od: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] uivatele Alan DeKok
Odesláno: 8
Roman Janos [EMAIL PROTECTED] wrote:
Actually the question is other. Are there any plans to implement (or
it is already implemented?) proxying functionality for EAP-TTLS
tunneled authentication method (e.g. EAP-MD5,PAP,
) ?
No.
If not the TTLS implementation makes no sense.
I disagree.
Hello,
Is there any plans to implement proxying for EAP/TTLS in near future?
Sergio
Alan DeKok wrote:
Roman Janos [EMAIL PROTECTED] wrote:
I try to make TTLS authentication. This is gone with PAP/EAP-MD5 in tunneled
mode but only if the PAP/EAP-MD5 credentials
were on the same maschine.
If
proxy.c. The
server can proxy any authentication method used by the NAS.
Thank you again.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hi all,
I would like to know if there is a special tricks to have accthost
working on freeradius 0.9.1 in proxy mode :
My accounting request are not forwarded by the proxy to my radius server .
--- proxy.conf (working fine on 0.8.1)
realm myrealm.net {
type
At 08:18 AM 10/8/2003, Thomas MARCHESSEAU wrote:
Hi all,
I would like to know if there is a special tricks to have accthost
working on freeradius 0.9.1 in proxy mode :
My accounting request are not forwarded by the proxy to my radius server .
What modules do you have enabled in the 'preacct
Hi Chris,
Chris Parker wrote:
At 08:18 AM 10/8/2003, Thomas MARCHESSEAU wrote:
Hi all,
I would like to know if there is a special tricks to have accthost
working on freeradius 0.9.1 in proxy mode :
My accounting request are not forwarded by the proxy to my radius
server .
What modules do
fastbyte [EMAIL PROTECTED] wrote:
Is there any plans to implement proxying for EAP/TTLS in near future?
No.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Allen,
You could try to put the following in the users file:
DEFAULT Realm =~ \.us$, Proxy-To-Realm += us
DEFAULT Realm =~ \.jp$, Proxy-To-Realm += jp
In proxy.conf you can put something like:
realm us {
type= radius
authhost= 123.123.234.234:1812
only CHAP protocol(But i have no confidence).
I have no clue how you decided that from reading proxy.c. The
server can proxy any authentication method used by the NAS.
Q. Does FreeRadius support proxy setting with PAP authentication?
Yes, if the NAS sends RADIUS requests with PAP passwords
freeradius server and try to
make proxing it don't go any more.
There seems be a problem with proxing becouse no proxy request isn't send to
other radius server.
Below is useful listing (end part with eror and proxy setting). On other
second RADIUS server is TTLS radius server configured as client
Roman Janos [EMAIL PROTECTED] wrote:
I try to make TTLS authentication. This is gone with PAP/EAP-MD5 in tunneled
mode but only if the PAP/EAP-MD5 credentials
were on the same maschine.
If I try to put the user credentials on other freeradius server and try to
make proxing it don't go any
Hello all.
I have some problem with Freeradius-0.9.1 with proxy setting.
I have some company who provide AccessPoint's each other by roaming setting.
Almost of company is pretty good working, But only one is problem.
This Admin says his radius server is little old and it only suppory with PAP
Hello~
I have a question
about Proxy.
I would like to
1.proxy realms which end
with ".us" to serverATus.
2. proxy realm which end
with".jp" to serverATjp.
What should I
define in the proxy.conf ?
Thanks a lot
...
I am proxying auth from my server (freeradius, .8.1) to another server
(cistron radius) and when running radtest, I can only get correct
answers if I add the '1' to radtest to turn the Framed-Protocol = PPP on
How do I insert that into a auth request on the regular proxy? Or,
should I just have
Ivan Meic [EMAIL PROTECTED] wrote:
I'm not using a 'round robin' method, so I really
was expecting that it will send accounting packets to
all servers specified in the list.
That isn't the way it's intended to work.
Ok, I can understand how to use radrelay, but than I have another problem.
that it will send accounting packets to
all servers specified in the list.
In this case it works fine, but if I want to proxy it
to one additional server it doesn't work.
The proxy only sends the accounting data to the first server on the list
and leaves one copy for itself.
See 'radrelay'. It's
Hi,
I'm using FreeRADIUS v0.8.1 on RedHat 7.1.
I'm using it strictly for accounting purposes with
MySQL running in the background.
Also I'm using proxy features to be able to send the accounting data
to one more server, just to have another copy.
--- proxy.conf ---
proxy server {
synchronous
Ivan Meic [EMAIL PROTECTED] wrote:
Also I'm using proxy features to be able to send the accounting data
to one more server, just to have another copy.
Ok..
realm NULL {
type= radius
authhost= 80.253.170.52:1812
accthost= 80.253.170.52:1813
Currently using freeradius-0.9.1 running over Freebsd
v4.8.
Is it possible to do proxy authentication and
accounting based on NAS-IP-Address / Client-IP-Address or NAS-Identifier
instead or realms?
Regards
Can I use a combination of a (local) radius proxy and a (remote) radius
server?
Whenever a client tries to authenticate himself:
= I first want to check against a local radius-server
= if that failed, I want to check with a remote radius server instead.
I am not looking for local caching
I read in the freradius specification that it is
capable of doing proxy authentication and/or accounting forwarding based on any
attribute. Traditionally, Proxy was only applicable through
Realms/Suffixes.
Suppose I want to do accounting forwarding based on
NAS-IP address, how I would do
Hello,
I would like freeradius to accept both user [EMAIL PROTECTED] for valid
authentication via an access server. I have tried to do this via proxy
realms, but cannot seem to get it working. I get the following error:
Thread 5 handling request 4, (1 handled so far)
NAS-IP-Address
I am going to get the following data from a user:
[EMAIL PROTECTED]
I need to parse off bar.com and have Freeradius pass [EMAIL PROTECTED] to the
proper radius server for auth.
Well, I don't much about proxying yet, but maybe you can accomplish to let
the username change in [EMAIL
I'm running .8 on Redhat 7.3, on a machine that is essentially acting as a
radius server traffic cop.
I am going to get the following data from a user:
[EMAIL PROTECTED]
I need to parse off bar.com and have Freeradius pass [EMAIL PROTECTED] to the
proper radius server for auth.
I've fiddled
From: Erik Denny
Sent: Saturday, 23 August 2003 2:24 PM
I'm running .8 on Redhat 7.3, on a machine that is essentially acting as a
radius server traffic cop.
I am going to get the following data from a user:
[EMAIL PROTECTED]
I need to parse off bar.com and have Freeradius pass
Hi,
I have one FR 0.8.1 runing as Radius Proxy (radius A).
I got 3 kind of auth packet from one NAS
(1) userid
(2) abc/[EMAIL PROTECTED]
(3) [EMAIL PROTECTED]
I would like auth case (1) locally(radius A) ,
case (2) should be fwd to radius B
case (3) should be fwd to radius C
So I config
;
+char*realmname;
+
+ /*
+ * It's not a proxy reply, so return NOOP
+ */
+
+ if( request-proxy == NULL ) {
+ return( RLM_MODULE_NOOP );
+ }
+
+ request_pairs = request-packet-vps;
+ reply_items = request-proxy_reply-vps
doesn't work. Don't use it.
Use Proxy-To-Realm.
Ok. I followed the example in raddb/acct_users. The problem is equal. I
found out that I only need attr-filter during preproxy authorize, not
for accounting. Is it possible to simply detect in rlm_attr_filter if it
was called from the authorize section
*realmpair;
+REALM *realm;
+char*realmname;
+
+ /*
+* It's not a proxy reply, so return NOOP
+*/
+
+ if( request-proxy == NULL ) {
+ return( RLM_MODULE_NOOP );
+ }
+
+ request_pairs = request-packet-vps
On Mon, 2003-08-11 at 16:45, Chris Brotsos wrote:
Another strange thing, if I dialin without a realm, that realm is added
after the files section (Proxy-To-Realm =+ realmname). This works for
authentication, but not for accounting. With pre-proxy an accounting
packet the attr_filter returns
on Redhat with proxy
Hi All,
I'm frist time try the radius server. May I ask who can post the freeradius
on redhat here? Or where can I find the details study manuel?
Thanks
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
At 09:15 AM 8/8/2003, you wrote:
On Fri, 2003-08-08 at 15:48, Alan DeKok wrote:
Chris van Meerendonk [EMAIL PROTECTED] wrote:
Is it possible to filter attributes that are sent by using radius proxy
to the home-server? Something like attr_filter in the pre-proxy stage?
If attr_filter
check item, but maybe you need to use Proxy-To-Realm :=
realmname. I don't remember how the two VPs are handled differently, nor
am I sure if you want the functionality of Proxy-To-Realm, but give that a
try and see if you don't get what you want.
It looks to me it's behaving the same
At 09:34 AM 8/11/2003, you wrote:
I sent the post-proxy patch...you probably hadn't received it by the time
you sent this.
Yes, I guess I was a little impatient, a bad attitude of me...
I included a patch this time with the post-proxy() and accounting()
functions. Pay attention
At 03:58 AM 8/12/2003, you wrote:
On Mon, 2003-08-11 at 16:45, Chris Brotsos wrote:
Another strange thing, if I dialin without a realm, that realm is added
after the files section (Proxy-To-Realm =+ realmname). This works for
authentication, but not for accounting. With pre-proxy an accounting
Chris van Meerendonk [EMAIL PROTECTED] wrote:
As far as I can see now the problem is that in the acct_users I've got
the following:
DEFAULT Huntgroup-Name == huntgroup, Replicate-To-Realm := realmname
Replicate-To-Realm doesn't work. Don't use it.
Use Proxy-To-Realm.
Alan DeKok
At 08:06 AM 8/11/2003, you wrote:
On Fri, 2003-08-08 at 15:48, Alan DeKok wrote:
Chris van Meerendonk [EMAIL PROTECTED] wrote:
Is it possible to filter attributes that are sent by using radius proxy
to the home-server? Something like attr_filter in the pre-proxy stage?
If attr_filter
I have one FR 0.8.1 runing as Radius Proxy (radius A).
I got 3 kind of auth packet from one NAS
(1) userid
(2) abc/[EMAIL PROTECTED]
(3) [EMAIL PROTECTED]
I would like auth case (1) locally(radius A) ,
case (2) should be fwd to radius B
case (3) should be fwd to radius C
So I config my
-08 at 15:48, Alan DeKok wrote:
Chris van Meerendonk [EMAIL PROTECTED] wrote:
Is it possible to filter attributes that are sent by using radius proxy
to the home-server? Something like attr_filter in the pre-proxy stage?
If attr_filter doesn't already have a pre-proxy stage
1 - 100 of 426 matches
Mail list logo