Re: Go to virtual server by nas-id

Markus Maurer lists at v-net.tk
Tue Sep 3 08:58:02 CEST 2019


Am Montag, September 02, 2019 17:06 CEST, Alan DeKok <aland at deployingradius.com> schrieb: 
 
> On Sep 2, 2019, at 2:56 AM, Markus Maurer <lists at v-net.tk> wrote:
> > 
> > is there a way to forward radius-request, coming with a specified NAS-ID to a virtual server?
> > 
> > e.g. Radius-request sends username "john", password "doe" and nas-id "foo". Radius-server detects the nas-id "foo" in the request and forwards it to the virtual_server "bar".
> 
>   The only way is to accept all packets in one virtual server via a normal socket, and then proxy it internal.  You will need to set up a "home_server" which has a "virtual_server" set:
> 
> * add virtual server "foo" in sites-enabled/foo
>   configure it how you want, starting from a copy of the "default" virtual server
> 
> * create a home_server_pool and home_server in proxy.conf
> 
> home_server foo {
> 	virtual_server = foo
> }
> 
> home_server_pool foo {
> 	home_server = foo
> }
> 
> * tell it to proxy
> 
> 	...
> 	if (NAS-Identifier == "foo") {
> 		update control {
> 			Home-Server-Pool := "foo"
> 		}
> 	}
> 
>   It's a little convoluted, but it works.
> 
>   Alan DeKok.
> 
> 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html 
 
 
 Hello Alan,

thank you very much!

The *tell to proxy part has to be in the authorize section, right?

Thx!

Best regards




More information about the Freeradius-Users mailing list