Thanks Ivan. Now I have 2 radius servers running on same machine as radiusa (port 1812) and radiusb (port 1912). I configured radiusa to do ldap auth and radiusb to do POP3 auth which works fine "individually" thru radclient. I setup proxy.conf in radiusa as realm xyz.net { type = radius authhost = radiusb.test1.net:1912 accthost = radiusb.test1.net:1913 secret = testing } I am sending request thru radclient on radiusa. But for some reason the request does not get proxied to radiusb. This is the radius -X log. rad_recv: Access-Request packet from host 167.206.23.94:1054, id=14, length=59 User-Name = "testaccount@xyz.net" User-Password = "test" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: Looking up realm "xyz.net" for User-Name = "testaccount@xyz.net" rlm_realm: Found realm "xyz.net" rlm_realm: Adding Stripped-User-Name = "testaccount" rlm_realm: Proxying request from user testaccount to realm xyz.net rlm_realm: Adding Realm = "xyz.net" rlm_realm: Preparing to proxy authentication request to realm "xyz.net" modcall[authorize]: module "suffix" returns updated for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched entry DEFAULT at line 75 users: Matched entry DEFAULT at line 180 users: Matched entry DEFAULT at line 184 modcall[authorize]: module "files" returns ok for request 0 modcall: entering group group for request 0 rlm_ldap: - authorize rlm_ldap: performing user authorization for testaccount radius_xlat: '(uid=testaccount)' radius_xlat: 'dc=test1,dc=net,o=internet' rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: attempting LDAP reconnection Please let me know if I am missing something. Thanks and Regards. --- On Mon, 8/25/08, Ivan Kalik <tnt@kalik.net> wrote: From: Ivan Kalik <tnt@kalik.net> Subject: Re: Pop3 and LDAP authentication...Multiple radius servers To: freeradius-users@lists.freeradius.org Date: Monday, August 25, 2008, 1:39 PM http://radiuswiki.suntel.com.tr/Proxy.conf Ivan Kalik Kalik Informatika ISP Dana 25/8/2008, "Eric Martell" <workoutexcite@yahoo.com> piše:
Hi, We have radius server which is inhouse which does the LDAP authentication We got a new request from third party to do authentication for "their" users using POP3.
So the request comes to radiusA (our inhouse radius).
If the user has realm as @xyz.net ..then we forward the request to third party to authenticate which might be radiusB which does the authentication using POP3.
If there is no realm attached, radiusA does the LDAP auth and return the response.
Not sure how to specify in our radiusd.conf.
I could not find any thread in the list. Please let me know the link if this is already discuss.
Really Appreciated your quick response.
Thanks and Regards.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html