Virtual Hosts conflicting
Alan DeKok
aland at deployingradius.com
Thu Jan 3 22:31:48 CET 2008
Nicholas Hall wrote:
> *My Goal*: PAP on legacy port 1645, CHAP on 1812 working simultaneously.
All you need to do is to configure two "listen" sections. This can be
done in 1.1.7. You don't need two virtual servers.
> *My Environment*: FreeRADIUS 2.0.0-pre2, LDAP user database, MySQL
> Accounting.
Please don't use -pre2. I'll be removing it from the web site soon,
as we plan on releasing 2.0.0 within a *very* short while. i.e. grab a
copy of the source from CVS, and use that.
> *Problem*: I'm running a virtual host for each AUTH port. Each works
> fine when placed in sites-enabled individually but my CHAP virtualhost
> fails when both are enabled. The vhost listening on 1812 appears to be
> referencing an LDAP module that is not listed in it's server{ ... }
> block. You will see "ou=Dialup" in the debugging output below of a CHAP
> request to 1812 that is only contained in the legacy PAP vhost. Any
> ideas are appreciated!!
Please read the *entire* debug log. It's not just doing an LDAP query
at random. It's doing an LDAP query because you're using the LDAP-Group
attribute in line 16 of the "users" file.
If you don't want a virtual server to do LDAP lookups, don't configure
it to use the LDAP-Group attribute.
Alan DeKok.
More information about the Freeradius-Users
mailing list