proxy questions

Justin Church jcc at
Tue Nov 14 20:36:17 CET 2006

Alan DeKok wrote:
> Justin Church <jcc at> wrote:
>> I need to be able to proxy accounting requests that arrive with no 
>> User-Name attribute.  Is that possible?  I haven't been able to make it 
>> work.  Maybe I could insert a dummy User-Name pre-proxy and remove it 
>> post-proxy?
>  No.  Just set Proxy-To-Realm = "realm".

Not exactly sure where to set this.  I've tried acct_users with no luck:

rad_recv: Accounting-Request packet from host port 32833, 
id=10, length=81
         NAS-Port = 5060
         Sip-Src-IP =
         Acct-Status-Type = Start
         Sip-Transport-Proto = TLS
         Acct-Session-Id = "accounting-session-1-id"
   Processing the preacct section of radiusd.conf
modcall:  entering group preacct for request 0
rlm_acct_unique: WARNING: Attribute Client-IP-Address was not found in 
request, unique ID MAY be inconsistent
rlm_acct_unique: WARNING: Attribute User-Name was not found in request, 
unique ID MAY be inconsistent
rlm_acct_unique: Hashing 'NAS-Port = 5060,,NAS-IP-Address =,Acct-Session-Id = "accounting-session-1-id",'
rlm_acct_unique: Acct-Unique-Session-ID = "2c2e557e174a1b62".
-->    rlm_realm: Proxy reply, or no User-Name.  Ignoring.
modcall: group preacct returns noop for request 0
   Processing the accounting section of radiusd.conf
modcall:  entering group accounting for request 0
expands to /usr/local/var/log/radius/radacct/
radius_xlat:  'Tue Nov 14 14:30:25 2006'
radius_xlat:  '/usr/local/var/log/radius/radutmp'
radius_xlat:  ''
modcall: group accounting returns ok for request 0
Sending Accounting-Response of id 10 to port 32833
Finished request 0
Going to the next request
--- Walking the entire request list ---
Cleaning up request 0 ID 10 with timestamp 455a1951
Nothing to do.  Sleeping until we see a request.


realm NULL {
   type    = radius
   accthost  =
   secret    = <removed>


DEFAULT Proxy-To-Realm = "NULL"



>> Also, I notice that when running in -X mode, the accounting-response is 
>> not relayed to the original client.  Works fine when not in -X mode. 
>   Weird.
>   Hmm... it may be cleaning up the request too aggressively.  I'll
> take a look at  it.
>   Alan DeKok.
> --
>       - The web site of the book
> - The blog
> - 
> List info/subscribe/unsubscribe? See

More information about the Freeradius-Users mailing list