Proxy Question

Reynold McGuire rmcguire at suffolk.edu
Fri Apr 21 14:22:59 CEST 2006


How's everyone doing?

I have a proxy question / problem.

I am attempting to get freeRadius to basically proxy via realm. This one
radius server is going to be the proxy to all other radius servers...

I am able to proxy correctly using the following in proxy.conf

---CUT---
Realm ad.domain.com {
	type = radius
	authhose = ias.server.ad.domain.com:1812
	accthost = ias.server.ad.domain.com:1813
	secret = testing123
	nostrip
}
---CUT---

This works great for the apps that need / allow "username at domian.com" style
authentication.

My problem is when using programs like MS PEAP authentication that wants to
pass the info as "domain.com\username"

I have read thru proxy.conf and radius.conf and looked at the ntdomain realm
and I can not seem to get it to see the "domain.com\username".

I am using IAS on an AD member server for authentication for another project
and it wants to authenticate users via "username at domain.com" as it is
sitting in the root of the AD (no users there) so you have to give it the
FQDN.

Long story short, 

How can I get freeRadius to see "domain.com\username" and convert that to
"username at domain.com" and proxy that off?

Thanks in advance.
- Reynold




More information about the Freeradius-Users mailing list