radius proxy senario

tnt at kalik.net tnt at kalik.net
Mon Mar 9 13:18:32 CET 2009


>I have trying both
>
>if ("%{User-Name}" =~ /"^ABC\/"/ ) {
>                 update control {
>                 Realm := 'another_realm'
>                 }
>         }
>
>
>if ("%{User-Name}" =~ /"^ABC\/"/ ) {
>                 update request {
>                 Realm := 'another_realm'
>                 }
>         }
>
>
>Still not working.
>
>Just make sure if I'm not understand wrongly. In the ideal case when receiving access access ABC/userid at my_realm, i should able to transform this login id as userid at another_realm, and proxy the login id base on another_realm at proxy.conf.
>
>Debugged log as below:
>
>rad_recv: Access-Request packet from host 192.168.168.7 port 2469, id=42, length=65
>        User-Name = "ABC/userid at my_realm"
>        User-Password = "test"
>        NAS-Port = 100
>+- entering group authorize {...}
>++[preprocess] returns ok
>++? if ("%{User-Name}" =~ /"^ABC\/"/)
>        expand: %{User-Name} -> ABC/userid at my_realm
>? Evaluating ("%{User-Name}" =~ /"^ABC\/"/) -> FALSE
>++? if ("%{User-Name}" =~ /"^ABC\/"/) -> FALSE
>No authenticate method (Auth-Type) configuration found for the request: Rejecting the user

*Add* that to authorize. Don't delete everything else. Regex don't work
well in 2.1.3. Use 2.1.1 or wait a few days for 2.1.4.

Ivan Kalik
Kalik Informatika ISP




More information about the Freeradius-Users mailing list