Howto proxy (or not) based on client IP ?
Fred
fred.maison at gmail.com
Thu Oct 20 18:52:16 CEST 2011
Hello Phil,
Your solution is usable for very small number of NAS ; I will have
many hundreds of nas ....
It's why I talked about having some variable like virtual_server in
clients.conf (or a custom attr like my-realm defined in dictionnary,
configured in clients.conf and used with unlang %{client:my-realm} or
something like that.
so :
if ( "%{client:my-realm}" ) {
But in fact, I don't know how specifying a virtual server in
clients.conf could do a part of the job ...
2011/10/20 Phil Mayers <p.mayers at imperial.ac.uk>:
> On 10/20/2011 05:10 PM, Fred wrote:
>>
>> Hi all,
>>
>> Is there any way to select proxying or not based on client ip ?
>>
>> I would like to have
>> * some nas authenticated locally (in fact via ldap)
>> * some other nas proxyied to another radius.
>
> authorize {
> if (Client-IP-Address == x.x.x.x) {
> update control {
> Proxy-To-Realm := OTHER
> }
> }
> }
>
> ...then define the realm in proxy.conf as per examples.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list