One client, multiple NAS-Port-Types
Phil Mayers
p.mayers at imperial.ac.uk
Thu Jun 2 18:01:58 CEST 2011
On 02/06/11 16:17, DaveA wrote:
>
> Alan DeKok wrote:
> > Proxying. Set up a minimal virtual server that proxies to others.
>
> Okay, this makes sense, but I am still unclear as to where to make the
> differentiation between NAS-Port-Types.
>
> What I envision is something like:
> If (NAS-Port-Type == Virtual ) {
> Home_server = admincli
> }
> Elsif (NAS-Port-Type == Ethernet ) {
> Home_server = 8021x
> }
authorize {
...
if (NAS-Port-Type == Virtual) {
update control {
Proxy-To-Realm := ADMIN_SERVER
}
}
# N.B. maybe do this instead
elsif (EAP-Message) {
update control {
Proxy-To-Realm := EAP_SERVER
}
}
...
}
..and in proxy.conf:
home_server EAP {
type = auth+acct
virtual_server = eap
}
home_server_pool EAP_POOL {
home_server = EAP
}
realm EAP_SERVER {
pool = EAP_POOL
}
More information about the Freeradius-Users
mailing list