Proxy Radius
Luis Galan
radius at claranet.es
Tue Mar 27 13:07:40 CEST 2007
Hello!
I need to configure freeradius as a proxy server only for users that
ends in "@domain1.com". This users must be authenticated by its home
server (external proxy) but users must received an ip address from my
pool. (We give internet service to customer from another country with
its dialup username , some kind of roaming service)
For the rest of users it should authenticate itself.
Then I have configured the following:
proxy.conf:
# Realm for domain1.com
realm domain1.com {
type = radius
authhost = radius.domain1.com:1812
accthost = radius.domain1.com:1813
secret = mysecret
nostrip
}
radius.conf:
proxy_requests = yes
$INCLUDE ${confdir}/proxy.conf
modules{
.
.
.
files {
usersfile = ${confdir}/users
}
realm suffix {
format = suffix
delimiter = "@"
ignore_default = no
ignore_null = yes
}
.
.
.
}
authorize {
.
.
.
suffix
.
.
files
.
.
}
preacct {
.
.
suffix
.
.
files
}
pre-proxy {
files
}
Users:
DEFAULT Suffix="domain1.com", Pool-Name := "mypoolDialup"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Service-Type = Framed-User,
Framed-Routing = Broadcast-Listen,
Framed-Compression = Van-Jacobson-TCP-IP,
Fall-Through = Yes
Is it correct?
More information about the Freeradius-Users
mailing list