Configuring a proxied and local authentication

Samuel Degrande Samuel.Degrande at lifl.fr
Fri Dec 2 11:40:23 CET 2005


Hello.

Fist, I would like to apologize if my question is really too simple,
but I think that I don't exactly understand the configuration philosophy
of freeradius.

I did configure one radius server (A) to proxy incoming requests to an other
radius server (B, this later one using pam).

First question:
I don't find a way to add a NAS-Identifier value inside the proxied
request, so that B server could check it...

I tried:
<username> Proxy-To-Realm := <realm>, NAS-Identifier := <id>
and
<username> Proxy-To-Realm := <realm>, NAS-Identifier += <id>

(i'm using radtest to check my configuration, perhaps it's the problem ?)


Second question:

How to configure the A server so that if B rejects the request, then
A will check in a local user base (through pam) ?


As I said, I'm just perhaps too bad, and did not understand how all this
thing works, but please help me anyway :-) 

Thanks.

-- 
Samuel Degrande           LIFL - UMR8022 CNRS - INRIA Futurs - Bat M3
Phone: (33)3.28.77.85.30  USTL - Universite de Lille 1
Fax:   (33)3.28.77.85.37  59655 VILLENEUVE D'ASCQ CEDEX - FRANCE
[CA certs: http://igc.services.cnrs.fr/CNRS-Standard/recherche.html ]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4039 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20051202/231bc0e8/attachment.bin>


More information about the Freeradius-Users mailing list