Proxy Config/File
Pizu
pizpower at gmail.com
Fri Apr 9 14:58:42 CEST 2021
Both VPN And Switches are going to use same realm as a name but the auth
and accounting is different, is there a way to do it?
Regards,
Pizu
On Fri, 9 Apr 2021 at 12:42, Matthew Newton <mcn at freeradius.org> wrote:
>
>
> On 09/04/2021 11:34, Pizu wrote:
> > Is it possible to call multiple proxy files according to the source Ip
> > Address/Range in the pre-proxy?
>
> You can set which proxy to use by updating the Proxy-To-Realm control
> attribute in the authorize section.
>
> > We would like to have the Switch with the 8021x calling a certain proxy
> > file and if coming from VPN will call another.
> >
> > Also if calling different files is not possible something similar to
> this..?
> >
> > if ((&NAS-IP-Address == 172.16.65.0/24) || (&NAS-IP-Address ==
> > 172.16.193.0/24)) {
> > **something here to use realm**
> > }
> >
> > }
> > elsif (&NAS-IP-Address == 10.69.3.182) {
> > **something here to use realm**
> > }
> > }
>
> Yes. Define your realms in proxy.conf, e.g.
>
> home_server switch_realm {
> home_server = ...
> ...
> }
>
> home_server vpn_realm {
> home_server = ...
> ...
> }
>
> Then in authorize set Proxy-To-Realm as required, e.g.
>
> if (...) {
> update control {
> Proxy-To-Realm := "switch_realm"
> }
> }
> else {
> update control {
> Proxy-To-Realm := "vpn_realm"
> }
> }
>
> --
> Matthew
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list