Configuring a proxied and local authentication
Alan DeKok
aland at ox.org
Fri Dec 2 18:16:46 CET 2005
Samuel Degrande <Samuel.Degrande at lifl.fr> wrote:
> I don't find a way to add a NAS-Identifier value inside the proxied
> request, so that B server could check it...
That's because the NAS didn't send it. FreeRADIUS doesn't add one,
so...
> I tried:
> <username> Proxy-To-Realm := <realm>, NAS-Identifier := <id>
> and
> <username> Proxy-To-Realm := <realm>, NAS-Identifier += <id>
That won't work in the "users" file. You have to set the
NAS-Identifier in the preproxy_users file.
> How to configure the A server so that if B rejects the request, then
> A will check in a local user base (through pam) ?
That's a little harder. The server isn't designed to do that easily.
Alan DeKok.
More information about the Freeradius-Users
mailing list