Hello, I am trying to setup CoA proxying to a number of Juniper MXes. These are a bit clumsy to configure as CoA servers: The CoA clients cannot be configured explicitly. Instead they reuse the auth/acct configuration, including secret, for CoA clients. So I have a few hundred CoA servers (NASes), and 3 radius servers authorized as CoA clients. Using FreeRADIUS to proxy CoA requests from ther real CoA clients looks like a perfect solution. My problem is that the configuration seems a bit clumsy, given that I cannot really change neither IP address nor secret from what's already there in the FreeRADIUS client definition. It would have been ideal to just add a flag or whatever, saying that "this client is also a CoA server", and allowing direct proxy to it using some virtual attribute. My current working configuration requires a separate static home_server and home_server_pool definition pointing to it for *each* NAS, as the only way I've found to redirect the CoA packets is by setting Home-Server-Pool. The documentation talks about Proxy-To-Realm as well, but I've been unable to find any parameter allowing me to configure a realm for CoA. realms only have auth{_pool,host} and acct{_pool,host} AFAICT. The per client CoA configuration doesn't look like anything I can use at all. If I understand it correctly, that's only for the *CoA clients*. Is this a correct view of the current (2.1.x) state of CoA proxying, or did I miss something? I believe I saw a request for dynamic home servers recently. Looks like that might be something for me as well. Bjørn