talking to eduroam federation

Alan Buxey A.L.M.Buxey at lboro.ac.uk
Thu Jan 5 22:53:16 CET 2012


Hi,

> realm DEFAULT {
> type = radius
> authhost = federation_server:1812
> accthost =federation_server:1813
> secret = xxxxxxxx
> nostrip
> }

you really dont want to do it that way - what you want to do is use some unlang
in authorize to ensure that the realm is valid...and then set the 'Realm' to
eg EDUROAM.....and then in proxy.conf set up an eduroam server_pool -this way
you only send legit packets upstream and not just allthe junk your RADIUS servers
receive...the national operators will love you for that.

your definition , as is, appears dated

 realm DEFAULT {
 type = auth+acct
 ipaddr = federation_server
 secret = xxxxxxxx
 nostrip
 }

alan



More information about the Freeradius-Users mailing list