suggestions for multiple vlans in hundreds of switches
Alan DeKok
aland at deployingradius.com
Sat Apr 21 09:19:13 CEST 2007
Arran Cudbard-Bell wrote:
> Yeah, complex sql really can be quite slow, specially when the queries
> are being run multiple times for all the rounds required in eap
> authentication.
If you're using the TLS variants of EAP, you can do:
DEFAULT FreeRADIUS-Proxied-To == 127.0.0.1, Autz-Type := "internal"
Then in the "authorize" section, add:
...
Autz-Type internal {
... do DB lookups here
}
If you're doing password lookups in LDAP, put "ldap" in that section.
Then, the LDAP lookups will only be done when they're needed.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list