how to force "Accept" and override default and null proxy realms?

Phil Mayers p.mayers at
Sat Oct 21 14:10:20 CEST 2006

Mike wrote:
> I would like to always send an Accept unconditionally if the User-Name
> is test[0-9], but proxy request to default or null realm for all other
> user names.
> I tried a configuration with
> authorize {
>  files
>  suffix
> }
> the "suffix" will match on default and null realms.  I currently have
> a line in users file that looks like this:
> DEFAULT User-Name =~ "test[0-9]", Auth-Type: Accept
> however regardless of which user makes the request, even the "test"
> user (which does match), the request is still proxied.  If I change
> "Auth-Type: Reject", then the test user is always rejected, but I am
> looking for the opposite behavior.

see doc/configurable_failover which describes a way to control how 
modules fall through.

Note that simply returning Accept does not work for most Auth-Types e.g. 
CHAP, MS-CHAP, EAP. It only really works for PAP

More information about the Freeradius-Users mailing list