I've try below at the end of authorize section if (control:Auth-Type := "EAP") { update control { { Proxy-To-Realm == "xyz.com" } realm xyz.com { type = radius authhost = 123.123.123.1:1812 accthost = 123.123.123.1:1813 secret = password nostrip } } if (control:Auth-Type := "PAP") { update control { { Proxy-To-Realm == "xyz.com" } realm xyz.com { type = radius authhost = 123.123.123.2:1812 accthost = 123.123.123.2:1813 secret = password nostrip } } Got error while startup the freeradius Error: /etc/freeradius/sites-enabled/default[212]: ERROR: No value given for attribute { Error: /etc/freeradius/sites-enabled/default[211]: Failed to parse "update" subsection. Error: /etc/freeradius/sites-enabled/default[62]: Errors parsing authorize section. What is my mistake? Thanks KH ----- Original Message ---- From: Alan Buxey <A.L.M.Buxey@lboro.ac.uk> To: FreeRadius users mailing list <freeradius-users@lists.freeradius.org> Sent: Fri, December 18, 2009 4:22:39 AM Subject: Re: proxy same realm but different authentication protocol to different server Hi,
Am I possible to do these?
1. proxy realm xyz.com (PAP/CHAP) to server#1
2. proxy realm xyz.com (PEAP) to server#2
yes, in many varied ways.... you could doa check of Auth-Type at the end of the authorise section..and then if realm = xyz.com update the control to proxy to server1 it its PAP or CHAP or if its EAP then proxy it to server2 alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html