BASIC question, but still having conceptual issues

Gary Gatten Ggatten at waddell.com
Sat Aug 29 16:08:35 CEST 2009 

Seems like with FR this can be accomplished numerous ways.  The virtual server sounds like what I'm looking for, ill read up on it.

Thanks!

Gary


----- Original Message -----
From: freeradius-users-bounces+ggatten=waddell.com at lists.freeradius.org <freeradius-users-bounces+ggatten=waddell.com at lists.freeradius.org>
To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Sent: Sat Aug 29 04:02:03 2009
Subject: Re: BASIC question, but still having conceptual issues

Gary Gatten wrote:
> I have several different type's of clients/NAS's that will be using FR
> as the Front End to perform AAA - mostly Authentication, but the Author
> and Acct are close behind.

  Use virtual servers.  See raddb/sites-available/README

> Anyway, each of these clients need to perform slightly different backend
> queries to determine if Authenticate should pass or fail:
>
> So, how do I go about this?

  Configure completely different virtual servers, even if the contents
of those servers are mostly the same.

  This lets you work like each type of NAS has it's own RADIUS server,
with it's own policies.

>  I'm currently using NTLM_Auth and that's
> all working fine, I'm just not sure how to say in FR config: if request
> of type 1, run this NTLM_Auth command and check for this group; If
> request of type 2 run this other NTLM_Auth command and check for this
> other group.

  You'll also need to configure different instances of the MSCHAP
module, too.

  Alan DeKok.

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html





<font size="1">
<div style='border:none;border-bottom:double windowtext 2.25pt;padding:0in 0in 1.0pt 0in'>
</div>
"This email is intended to be reviewed by only the intended recipient
 and may contain information that is privileged and/or confidential.
 If you are not the intended recipient, you are hereby notified that
 any review, use, dissemination, disclosure or copying of this email
 and its attachments, if any, is strictly prohibited.  If you have
 received this email in error, please immediately notify the sender by
 return email and delete this email from your system."
</font>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090829/6b39eebb/attachment.html>

More information about the Freeradius-Users mailing list