I want to use Freeradius as a proxy Radius server, and I think that my Freeradius don´t have to do authorize and authenticate: my Freeradius have to proccess request with realm "@unex.es", the others request have to be proxyed. My configuration is:
radiusd.conf:
authorize {
preprocess
suffix
files
Autz-Type LDAP_UNEX_ES{
ldap_unex_es
}
mschap
eap
}
authenticate {
ldap_unex_es
Auth-Type MS-CHAP {
mschap
}
eap
}
users:
DEFAULT Autz-Type = "LDAP_UNEX_ES"
proxy.conf:
realm
unex.es {
type = radius
authhost = LOCAL
accthost = LOCAL
}
realm NULL {
type = radius
authhost = LOCAL
accthost = LOCAL
}
realm DEFAULT {
type = radius
authhost = other_server_1
accthost = LOCAL
secret = ******
nostrip
}
realm DEFAULT {
type = radius
authhost = other_server_2
accthost = LOCAL
secret = ******
nostrip
}
- I want to define two instances of "realm DEFAULT", in case one of then fails. It is posible?
- Have my freeradius to do authorize and autheticate when request have to be proxyed?
- I think that in users file I have to distinguish between request with realm "@unex.es" to set Autz-Type = "LDAP_UNEX_ES" and the others...
I´m lost with proxy... I need help. Thank you.
Sorry for my english.