JRS - Proxying v2
Arran Cudbard-Bell
A.Cudbard-Bell at sussex.ac.uk
Fri Apr 6 20:51:34 CEST 2007
Hi Alan,
Just to make sure i've got the right idea about v2 realms.
Here is an example config for the Janet Roaming Service, which allows
users at any academic institution in the UK
to authenticate at any other .
The version 1 realm JRS
realm jrs {
type = RADIUS
authhost = roaming1.ja.net:1812
accthost = roaming2.ja.net:1813
secret = theirsecret
nostrip
ldflag = round_robin
}
realm jrs {
type = RADIUS
authhost = roaming2.ja.net:1812
accthost = roaming2.ja.net:1813
secret = theirsecret
nostrip
ldflag = round_robin
}
The version 2 realm JRS
##############
# Server Pools
#
realm jrs {
auth_pool = jrs_auth_balance
acct_pool = jrs_acct_balance
nostrip
}
##############
# Server Pools
#
server_pool jrs_auth_balance {
home_server = jrs1_auth
home_server = jrs2_auth
type = load-balance
}
server_pool jrs_acct_balance {
home_server = jrs1_auth
home_server = jrs2_auth
type = load-balance
}
##############
# Home Servers
home_server jrs1_auth {
type = auth
hostname = roaming1.ja.net
port = 1812
secret = theirsecret
response_window = 20
zombie_period = 40
revive_interval = 120
ping_check = request
ping_interval = 30
num_pings_to_alive = 3
}
home_server jrs1_acct {
type = acct
hostname = roaming1.ja.net
port = 1813
secret = theirsecret
response_window = 20
zombie_period = 40
revive_interval = 120
ping_check = request
ping_interval = 30
num_pings_to_alive = 3
}
home_server jrs2_auth {
type = auth
hostname = roaming2.ja.net
port = 1812
secret = theirsecret
response_window = 20
zombie_period = 40
revive_interval = 120
ping_check = request
ping_interval = 30
num_pings_to_alive = 3
}
home_server jrs2_acct {
type = acct
hostname = roaming1.ja.net
port = 1813
secret = theirsecret
response_window = 20
zombie_period = 40
revive_interval = 120
ping_check = request
ping_interval = 30
num_pings_to_alive = 3
}
Very long, but I can see the advantages :)
Thanks,
Arran
More information about the Freeradius-Users
mailing list