Proxy-To-Realm and Users File

Mike O'Connor freeradius at pineview.net
Thu Aug 27 02:13:13 CEST 2009 

Hi All

Using freeradius 2.1.4 the following works if I user the hints file.

DEFAULT      Called-Station-Id == "splns357"
                        User-Name := "%{User-Name}@mb.webshield.net.au"

The user is proxied to the correct server and the user is correctly set.

I now need to proxy based on the User-Name which in this case will
always be a telephone number (Mobile Broadband SIM's)

I had added the following to the users file (which I hope to change to
the fast users later)

61466004163    Proxy-To-Realm := "mb.webshield.net.au"
                          User-Name := "%{User-Name}@mb.webshield.net.au"

This proxies the user to the next server but does not rewrite the
username, I've also tried a couple of other in this file but none seem
to work.


rad_recv: Access-Request packet from host 118.67.209.51 port 56036,
id=1, length=92
    Framed-Protocol = PPP
    User-Name = "61466004163"
    User-Password = "password"
    Calling-Station-Id = "61466004163"
    Called-Station-Id = "splns357"
    Service-Type = Framed-User
    NAS-IP-Address = 118.67.208.51
+- entering group authorize {...}
++[preprocess] returns ok
[auth_log]     expand:
/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d ->
/var/log/radius/radacct/118.67.209.51/auth-detail-20090827
[auth_log]
/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands
to /var/log/radius/radacct/118.67.209.51/auth-detail-20090827
[auth_log]     expand: %t -> Thu Aug 27 09:40:24 2009
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "61466004163", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry 61466004163 at line 1
[files]     expand: %{User-Name}@mb.webshield.net.au ->
61466004163 at mb.webshield.net.au
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
2009-08-27T09:40:24.327336: Verbose: RLM_PYTHON: handling Authorize
request...
++[python] returns ok
+- entering group pre-proxy {...}
[attr_filter.pre-proxy]     expand: %{Realm} -> mb.webshield.net.au
++[attr_filter.pre-proxy] returns noop
Sending Access-Request of id 250 to 118.67.209.21 port 1812
    Framed-Protocol = PPP
    User-Name = "61466004163"
    User-Password = "password"
    Calling-Station-Id = "61466004163"
    Called-Station-Id = "splns357"
    Service-Type = Framed-User
    NAS-IP-Address = 118.67.208.51
    Proxy-State = 0x31
Proxying request 0 to home server 118.67.209.21 port 1812
Sending Access-Request of id 250 to 118.67.209.21 port 1812
    Framed-Protocol = PPP
    User-Name = "61466004163"
    User-Password = "password"
    Calling-Station-Id = "61466004163"
    Called-Station-Id = "splns357"
    Service-Type = Framed-User
    NAS-IP-Address = 118.67.208.51
    Proxy-State = 0x31
Going to the next request
Waking up in 0.9 seconds.
Waking up in 13.0 seconds.
rad_recv: Access-Reject packet from host 118.67.209.21 port 1812,
id=250, length=23
    Proxy-State = 0x31


Thanks All

Mike

More information about the Freeradius-Users mailing list