Proxy question

Phil Mayers p.mayers at
Sat Oct 7 13:43:17 CEST 2006

Roberto Greiner wrote:
> Alan DeKok wrote:
>> Roberto Greiner <mrgreiner at> wrote:
>>>>   Show the *full* log.
>>> rad_recv: Access-Request packet from host E.F.G.H:4126, id=4, length=62
>>>         User-Name = "rgreiner at"
>>   Is this the log from the home server?  If so, why?  You already said
>> the username wasn't stripped, so showing that the home server receives
>> it non-stripped is pointless.
>>   If this is the log from the proxying server, then it's not doing
>> proxying, so of course it isn't stripping the username.
>>>     rlm_realm: Adding Stripped-User-Name = "rgreiner"
>>>     rlm_realm: Proxying request from user rgreiner to realm
>>>     rlm_realm: Adding Realm = ""
>>>     rlm_realm: Authentication realm is LOCAL.
>>   You've marked that realm as something that shouldn't be proxied.
>> Why do you expect it to be proxied?
> Actually I don't wan't it to be proxied, only that it removes the realm
> part to handle it locally. But it's comparing the full entry (with
> realm) against the database name, instead of only the login.

Oh, also if you do want to continue using the "realm" module, look at:

sql_user_name = "%{Stripped-User-Name:-%{User-Name:-DEFAULT}}

Note the Stripped-User-Name. Ensure the realm has "strip" set as an option

More information about the Freeradius-Users mailing list