Re: replicate-to-realm - freeRadius 0.7

[Alan DeKok]

Loh John Wu <[EMAIL PROTECTED]> wrote:
> I basically want all incoming accounting packets (no care about
> which realm it came from or even if it came from a specific realm)
> to be replicated to another remote server (tpc-c3-27).

  Use 'radrelay'.  It's by far and away your best choice.

  Alan DeKok.

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

replicate-to-realm - freeRadius 0.7

[Loh John Wu]

Hello,

I've been having diffculty trying to replicate ALL incoming accounting
packets to another remote server.  I'm running version 0.7.

I basically want all incoming accounting packets (no care about which realm
it came from or even if it came from a specific realm)
to be replicated to another remote server (tpc-c3-27).  So following the
instructions from the acct_users file that describers the Repliate-To-Realm
attribute, I've made the following modifications to the the config files.

acct_users file:

DEFAULT NAS-IP-Address == 10.129.3.103, Replicate-To-Realm := "tpc-c3-27"

realms file:

# Realm Remote server [:port]   Options
#   -   ---
#isp2.com   radius.isp2.com nostrip
#company.comradius.company.com:1600
#bla.comLOCAL
#replicatemeradius2.company.com   notrealm
tpc-c3-27   10.129.3.102notrealm

clients file:

# Client Name   Key
#   --
#portmaster1.isp.comtesting123
#portmaster2.isp.comtesting123
#proxyradius.isp2.com   TheirKey
#localhost  testing123
10.129.3.103   secret
tpc-c3-27   secret

naslist file:

# NAS Name  Short Name  Type
#   --  
#portmaster1.isp.compm1.NY  livingston
#portmaster2.isp.compm1.LA  livingston
10.129.3.103tpc-c3-28portslave
#localhost   local   portslave

I have proxying turned on in the radiusd.conf file (as default) and I'm
sending packets to the freeRadius server using radclient.

This is my radclient config file

NAS-IP-Address = 10.129.3.103, NAS-Port-Id = 210, NAS-Port-Type = ISDN,
User-Name
 = "addlogin@realmname", Acct-Status-Type = Start, Acct-Authentic = RADIUS,
Serv
ice-Type = Framed-User, Acct-Session-Id = "00016F16", Framed-Protocol = PPP,
Fra
med-IP-Address = 216.75.171.100

I'm thinking my above configuration *should* work and replicate the
accounting packet I'm sending with radclient to the remote server
"tpc-c3-27".
I do get a response from the 1st radius server when I send the packet out
with radclient, but I don't see the packet at the remote server.
Basically, I'm running radclient on machine 10.129.3.103 and sending it to
my radius server on 10.128.2.53 which I want to replicate the packet to
machine "tpc-c3-27"=10.129.3.102.  However, it only seems that the packet
gets processed at 10.128.2.53 and is never replicated to 10.129.3.102 and I
see no errors (none that I can distinguish as a replication/proxy error) in
the log files.

any help would be greatly appreciated,
thanks,
John

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html