Unitary testing of virtual servers on a proxy RADIUS

Alan DeKok aland at deployingradius.com
Fri Jun 29 13:56:25 CEST 2018

> On Jun 29, 2018, at 5:43 AM, Nidhal Taleb <n.taleb at me.com> wrote:
> We have a working freeradius server acting as a proxy for our customers. All customers go through the same clients pool. Clients as intended in /etc/freeradius/clients.
> For some new need we need to change the behavior of our server for a certain type of requests - an existing realm must now be processed locally by the server and not as a proxy -. I thought about implementing this through the use of virtual servers. It works well in our testing environment but it’s time to test it in production.
> The way I understand virtual servers is that they must be « declared » under the client configuration in the /etc/freeradius/clients file. 

  That's the way it works.

> The problem I am facing is that in doing so, I implement the change on all incoming authentication requests whereas I would have preferred to do so on a unique user just to be sure it would work in the production environment.

  You can't send just *one* user to a virtual server.  See raddb/sites-available/README for documentation on how virtual servers && clients work.

  Alan DeKok.

More information about the Freeradius-Users mailing list