Re: Subrealm Support
At 03:31 PM 2/4/2003, you wrote: Is there a way to proxy subrealms to downstream radius servers? We have [EMAIL PROTECTED], [EMAIL PROTECTED], subrealm3.foo.com and want to proxy all three subrealms to the same downstream radius server without having to specify each subrealm...just the *.foo.com realm portion. There were some older archieved discussions towards this topic but it wasn't clear how to implement. If you are referring to a previous thread concering a gentlemen who did not want to specify all of his realms in proxy.conf because most of them were going to the same proxy server, then the suggested solution was to use the DEFAULT realm entry. Specify all of the realms that you do not want to go to this common proxy server as normal, then in the DEFAULT realm profile, specify the RADIUS information that pertains to your *.foo.com realms. Of course, upon doing this, every unspecified realm will match against the DEFAULT profile and get proxied to said RADIUS server. There is no regex matching against entries in proxy.conf. Chris - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Subrealm Support
Hmm...we already have the DEFAULT in use for other purposes. I suspected this to be the case. Thanks for your responsiveness. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Chris Brotsos Sent: Tuesday, February 04, 2003 4:38 PM To: [EMAIL PROTECTED] Subject: Re: Subrealm Support At 03:31 PM 2/4/2003, you wrote: Is there a way to proxy subrealms to downstream radius servers? We have [EMAIL PROTECTED], [EMAIL PROTECTED], subrealm3.foo.com and want to proxy all three subrealms to the same downstream radius server without having to specify each subrealm...just the *.foo.com realm portion. There were some older archieved discussions towards this topic but it wasn't clear how to implement. If you are referring to a previous thread concering a gentlemen who did not want to specify all of his realms in proxy.conf because most of them were going to the same proxy server, then the suggested solution was to use the DEFAULT realm entry. Specify all of the realms that you do not want to go to this common proxy server as normal, then in the DEFAULT realm profile, specify the RADIUS information that pertains to your *.foo.com realms. Of course, upon doing this, every unspecified realm will match against the DEFAULT profile and get proxied to said RADIUS server. There is no regex matching against entries in proxy.conf. Chris - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Subrealm Support
At 03:45 PM 2/4/2003, you wrote: Hmm...we already have the DEFAULT in use for other purposes. I suspected this to be the case. Thanks for your responsiveness. O/K. Well, what about using a DEFAULT profile in Users. Do a reg-ex match on the username/realm/whatever, and then set a proxy-to-realm attribute that will suffice for your *.foo.com realms. Just another possibility. Hope one of them helps. Chris -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Chris Brotsos Sent: Tuesday, February 04, 2003 4:38 PM To: [EMAIL PROTECTED] Subject: Re: Subrealm Support At 03:31 PM 2/4/2003, you wrote: Is there a way to proxy subrealms to downstream radius servers? We have [EMAIL PROTECTED], [EMAIL PROTECTED], subrealm3.foo.com and want to proxy all three subrealms to the same downstream radius server without having to specify each subrealm...just the *.foo.com realm portion. There were some older archieved discussions towards this topic but it wasn't clear how to implement. If you are referring to a previous thread concering a gentlemen who did not want to specify all of his realms in proxy.conf because most of them were going to the same proxy server, then the suggested solution was to use the DEFAULT realm entry. Specify all of the realms that you do not want to go to this common proxy server as normal, then in the DEFAULT realm profile, specify the RADIUS information that pertains to your *.foo.com realms. Of course, upon doing this, every unspecified realm will match against the DEFAULT profile and get proxied to said RADIUS server. There is no regex matching against entries in proxy.conf. Chris - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html --- Christopher Brotsos ([EMAIL PROTECTED]) Development Engineering StarNet/MegaPOP: http://www.megapop.net WX is wireless : http://www.starnetwx.net This message is sent in confidence to the addressees. It may contain privileged, proprietary, or confidential information. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
