Virtual Hosts conflicting
Nicholas Hall
ngharo at gmail.com
Fri Jan 4 18:00:39 CET 2008
On Jan 3, 2008 3:31 PM, Alan DeKok <aland at deployingradius.com> wrote:
> Nicholas Hall wrote:
> > *My Goal*: PAP on legacy port 1645, CHAP on 1812 working simultaneously.
>
> All you need to do is to configure two "listen" sections. This can be
> done in 1.1.7. You don't need two virtual servers.
>
The problem is that my PAP users are in a different location in LDAP. This
is why I created two more instances of the LDAP module pointing to a
different basedn.
> > *My Environment*: FreeRADIUS 2.0.0-pre2, LDAP user database, MySQL
> > Accounting.
>
> Please don't use -pre2. I'll be removing it from the web site soon,
> as we plan on releasing 2.0.0 within a *very* short while. i.e. grab a
> copy of the source from CVS, and use that.
I'm actually running a CVS snapshot from a while back. It seems to be
working fine -- my plan was to continue running it until 2.0.0 is released.
> > *Problem*: I'm running a virtual host for each AUTH port. Each works
> > fine when placed in sites-enabled individually but my CHAP virtualhost
> > fails when both are enabled. The vhost listening on 1812 appears to be
> > referencing an LDAP module that is not listed in it's server{ ... }
> > block. You will see "ou=Dialup" in the debugging output below of a CHAP
> > request to 1812 that is only contained in the legacy PAP vhost. Any
> > ideas are appreciated!!
>
> Please read the *entire* debug log. It's not just doing an LDAP query
> at random. It's doing an LDAP query because you're using the LDAP-Group
> attribute in line 16 of the "users" file.
>
> If you don't want a virtual server to do LDAP lookups, don't configure
> it to use the LDAP-Group attribute.
>
Thanks. Things are working after removing the LDAP-Group attribute. I'm
not 100% sure why but for now I'm not going to worry about it!
--
Nicholas Hall
ngharo at gmail.com
262.208.6271
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080104/28417830/attachment.html>
More information about the Freeradius-Users
mailing list