Hi, I try to build a topology like that: Freeradius receives authentication requests and sends to two OTP server according to user is defined. Then, if OTP server accept password freeradius authorizes user and assign an IP address from IP pool which defined on user attribute. For this, I write this configuration In proxy.conf file: home_server motp_1 { type = auth+acct ipaddr = 10.1.1.52 port = 1812 secret = test status_check = status-server } home_server motp_2 { type = auth+acct ipaddr = 10.43.1.52 port = 1812 secret = test status_check = status-server } home_server_pool motp { type = fail-over home_server = motp_1 home_server = motp_2 } realm motp { pool = motp nostrip } and users: tevfikceydeliler Proxy-To-Realm := motp Framed-Protocol := PPP, Pool-Name := turkcell ??? Altough this configs, user can get IP adddress from Pool. ?? log file says (cropped): ... rad_recv: Access-Request packet from host 10.65.8.117 port 63687, id=13, length=56 User-Name = "tevfikceydeliler" User-Password = "8704cb" Wed Jan 7 15:40:27 2015 : Info: # Executing section authorize from file /etc/freeradius/sites-enabled/default Wed Jan 7 15:40:27 2015 : Info: +- entering group authorize {...} Wed Jan 7 15:40:27 2015 : Info: ++[preprocess] returns ok Wed Jan 7 15:40:27 2015 : Info: sql_xlat Wed Jan 7 15:40:27 2015 : Info: expand: %{User-Name} -> tevfikceydeliler Wed Jan 7 15:40:27 2015 : Info: sql_set_user escaped user --> 'tevfikceydeliler' Wed Jan 7 15:40:27 2015 : Info: expand: select groupname from radhuntgroup where nasipaddress="%{NAS-IP-Address}" -> select groupname from ra dhuntgroup where nasipaddress="10.65.8.117" Wed Jan 7 15:40:27 2015 : Debug: rlm_sql (sql): Reserving sql socket id: 3 Wed Jan 7 15:40:27 2015 : Info: SQL query did not return any results Wed Jan 7 15:40:27 2015 : Debug: rlm_sql (sql): Released sql socket id: 3 Wed Jan 7 15:40:27 2015 : Info: expand: %{sql:select groupname from radhuntgroup where nasipaddress="%{NAS-IP-Address}"} -> Wed Jan 7 15:40:27 2015 : Info: ++[request] returns ok Wed Jan 7 15:40:27 2015 : Info: ++[chap] returns noop Wed Jan 7 15:40:27 2015 : Info: ++[mschap] returns noop Wed Jan 7 15:40:27 2015 : Info: [suffix] No '@' in User-Name = "tevfikceydeliler", looking up realm NULL Wed Jan 7 15:40:27 2015 : Info: [suffix] No such realm "NULL" Wed Jan 7 15:40:27 2015 : Info: ++[suffix] returns noop Wed Jan 7 15:40:27 2015 : Info: [eap] No EAP-Message, not doing EAP Wed Jan 7 15:40:27 2015 : Info: ++[eap] returns noop Wed Jan 7 15:40:27 2015 : Info: ++[unix] returns notfound Wed Jan 7 15:40:27 2015 : Info: [files] users: Matched entry tevfikceydeliler at line 205 Wed Jan 7 15:40:27 2015 : Info: ++[files] returns ok Wed Jan 7 15:40:27 2015 : Info: [sql] expand: %{User-Name} -> tevfikceydeliler Wed Jan 7 15:40:27 2015 : Info: [sql] sql_set_user escaped user --> 'tevfikceydeliler' Wed Jan 7 15:40:27 2015 : Debug: rlm_sql (sql): Reserving sql socket id: 2 Wed Jan 7 15:40:27 2015 : Info: [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-U ser-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'tevfikceydeliler' ORDER BY id Wed Jan 7 15:40:27 2015 : Info: [sql] User found in radcheck table Wed Jan 7 15:40:27 2015 : Info: [sql] expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-U ser-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'tevfikceydeliler' ORDER BY id Wed Jan 7 15:40:27 2015 : Info: [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'tevfikceydeliler' ORDER BY priority Wed Jan 7 15:40:27 2015 : Info: [sql] expand: SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE gro upname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE gr oupname = 'Turkcell_motp' ORDER BY id Wed Jan 7 15:40:27 2015 : Info: [sql] User found in group Turkcell_motp Wed Jan 7 15:40:27 2015 : Info: [sql] expand: SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE gro upname = '%{Sql-Group}' ORDER BY id -> SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE gr oupname = 'Turkcell_motp' ORDER BY id Wed Jan 7 15:40:27 2015 : Debug: rlm_sql (sql): Released sql socket id: 2 Wed Jan 7 15:40:27 2015 : Info: ++[sql] returns ok Wed Jan 7 15:40:27 2015 : Debug: rlm_sqlcounter: Entering module authorize code Wed Jan 7 15:40:27 2015 : Debug: rlm_sqlcounter: Could not find Check item value pair Wed Jan 7 15:40:27 2015 : Info: ++[dailycounter] returns noop Wed Jan 7 15:40:27 2015 : Debug: rlm_sqlcounter: Entering module authorize code Wed Jan 7 15:40:27 2015 : Debug: rlm_sqlcounter: Could not find Check item value pair Wed Jan 7 15:40:27 2015 : Info: ++[monthlycounter] returns noop Wed Jan 7 15:40:27 2015 : Debug: rlm_sqlcounter: Entering module authorize code Wed Jan 7 15:40:27 2015 : Debug: rlm_sqlcounter: Could not find Check item value pair Wed Jan 7 15:40:27 2015 : Info: ++[weeklycounter] returns noop Wed Jan 7 15:40:27 2015 : Debug: rlm_sqlcounter: Entering module authorize code ... ... Wed Jan 7 15:40:27 2015 : Info: ++[pap] returns noop Wed Jan 7 15:40:27 2015 : Info: WARNING: Empty pre-proxy section. Using default return values. Sending Access-Request of id 12 to 10.1.1.52 port 1812 User-Name = "tevfikceydeliler" User-Password = "8704cb" NAS-IP-Address = 10.65.8.117 Proxy-State = 0x3133 Wed Jan 7 15:40:27 2015 : Info: Proxying request 0 to home server 10.1.1.52 port 1812 Sending Access-Request of id 12 to 10.1.1.52 port 1812 User-Name = "tevfikceydeliler" User-Password = "8704cb" NAS-IP-Address = 10.65.8.117 Proxy-State = 0x3133 Wed Jan 7 15:40:27 2015 : Debug: Going to the next request Wed Jan 7 15:40:27 2015 : Debug: Waking up in 0.9 seconds. rad_recv: Access-Accept packet from host 10.1.1.52 port 1812, id=12, length=39 Reply-Message = "Hello Friend!" Proxy-State = 0x3133 Wed Jan 7 15:40:28 2015 : Info: # Executing section post-proxy from file /etc/freeradius/sites-enabled/default Wed Jan 7 15:40:28 2015 : Info: +- entering group post-proxy {...} Wed Jan 7 15:40:28 2015 : Info: [eap] No pre-existing handler found Wed Jan 7 15:40:28 2015 : Info: ++[eap] returns noop Wed Jan 7 15:40:28 2015 : Info: Found Auth-Type = Accept Wed Jan 7 15:40:28 2015 : Info: Auth-Type = Accept, accepting the user Wed Jan 7 15:40:28 2015 : Info: # Executing section post-auth from file /etc/freeradius/sites-enabled/default Wed Jan 7 15:40:28 2015 : Info: +- entering group post-auth {...} Wed Jan 7 15:40:28 2015 : Info: [sql] expand: %{User-Name} -> tevfikceydeliler Wed Jan 7 15:40:28 2015 : Info: [sql] sql_set_user escaped user --> 'tevfikceydeliler' Wed Jan 7 15:40:28 2015 : Info: [sql] expand: %{User-Password} -> 8704cb Wed Jan 7 15:40:28 2015 : Info: [sql] expand: INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S') -> INSERT INTO radpostauth (username, pass, reply, authdate) VA LUES ( 'tevfikceydeliler', '8704cb', 'Access-Accept', '2015-01-07 15:40 :27') Wed Jan 7 15:40:28 2015 : Debug: rlm_sql (sql) in sql_postauth: query is INSERT INTO radpostauth (username, pass, reply, a uthdate) VALUES ( 'tevfikceydeliler', '8704cb', 'Access-Accept', '2015-01-07 15:40:27') Wed Jan 7 15:40:28 2015 : Debug: rlm_sql (sql): Reserving sql socket id: 1 Wed Jan 7 15:40:28 2015 : Debug: rlm_sql (sql): Released sql socket id: 1 Wed Jan 7 15:40:28 2015 : Info: ++[sql] returns ok Wed Jan 7 15:40:28 2015 : Info: ++[exec] returns noop Sending Access-Accept of id 13 to 10.65.8.117 port 63687 Reply-Message = "Hello Friend!" Wed Jan 7 15:40:28 2015 : Info: Finished request 0. Wed Jan 7 15:40:28 2015 : Debug: Going to the next request Wed Jan 7 15:40:28 2015 : Debug: Waking up in 4.9 seconds. -- <br> <img src="http://www.yasar.com.tr/banner/yhbanner.jpg"> </img> <br><br> Bu elektronik postada bulunan tum fikir ve gorusler ve ekindeki dosyalar sadece adres sahip/sahiplerine ait olup, Yasar Toplulugu Sirketleri bu mesajin icerigi ile ilgili olarak hic bir hukuksal sorumlulugu kabul etmez. Eger gonderilmesi dusunulen kisi veya kurulus degilseniz, lutfen gonderen kisiyi derhal haberdar ediniz ve mesaji sisteminizden siliniz.The information contained in this e-mail and any files transmitted with it are intended solely for the use of the individual or entity to whom they are addressed and Yasar Group Companies do not accept legal responsibility for the contents. If you are not the intended recipient, please immediately notify the sender and delete it from your system.