radius proxy senario

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Sat Mar 7 11:15:02 CET 2009


Hi,

> 1. I have a local realm (suffix), xyz.com. I'm using freeradius 2.1.3+mysql.
> 
> 2. My own user's username in mysql radcheck table is store in username at xyz.com format
> 
> 3. A person want me to proxy his prefix ABC/his-customer-username at myrealm to his radius server, i.e: ABC/his-customer-username at xyz.com

nasty. same realm but needs to be handled differently. okay. i'd say use unlang
for this.  before prefix, realm etc are called in the auth stage, have a check ie

quick pseudo-code whilst i have a coffee

if (user-name =~ "^ABC\/") {
     update realm == "another_realm"
  }

then in proxy.conf


another_realm {
  blah blah
 }

ie 'fake' the realm within the FreeRADIUS engine so that its got its own special
entry in proxy.conf

alan



More information about the Freeradius-Users mailing list