Virtual Hosts conflicting

Nicholas Hall ngharo at gmail.com
Fri Jan 4 18:00:39 CET 2008


On Jan 3, 2008 3:31 PM, Alan DeKok <aland at deployingradius.com> wrote:

> Nicholas Hall wrote:
> > *My Goal*: PAP on legacy port 1645, CHAP on 1812 working simultaneously.
>
>  All you need to do is to configure two "listen" sections.  This can be
> done in 1.1.7.  You don't need two virtual servers.
>

The problem is that my PAP users are in a different location in LDAP.  This
is why I created two more instances of the LDAP module pointing to a
different basedn.


> > *My Environment*: FreeRADIUS 2.0.0-pre2, LDAP user database, MySQL
> > Accounting.
>
>  Please don't use -pre2.  I'll be removing it from the web site soon,
> as we plan on releasing 2.0.0 within a *very* short while.  i.e. grab a
> copy of the source from CVS, and use that.


I'm actually running a CVS snapshot from a while back.  It seems to be
working fine -- my plan was to continue running it until 2.0.0 is released.


> > *Problem*: I'm running a virtual host for each AUTH port.  Each works
> > fine when placed in sites-enabled individually but my CHAP virtualhost
> > fails when both are enabled.  The vhost listening on 1812 appears to be
> > referencing an LDAP module that is not listed in it's server{ ... }
> > block.  You will see "ou=Dialup" in the debugging output below of a CHAP
> > request to 1812 that is only contained in the legacy PAP vhost.  Any
> > ideas are appreciated!!
>
>  Please read the *entire* debug log.  It's not just doing an LDAP query
> at random.  It's doing an LDAP query because you're using the LDAP-Group
> attribute in line 16 of the "users" file.
>
>  If you don't want a virtual server to do LDAP lookups, don't configure
>  it to use the LDAP-Group attribute.
>

Thanks.  Things are working after removing the LDAP-Group attribute.  I'm
not 100% sure why but for now I'm not going to worry about it!

-- 
Nicholas Hall
ngharo at gmail.com
262.208.6271
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080104/28417830/attachment.html>


More information about the Freeradius-Users mailing list