1.1.7 to 2.0.2 config for Realms problem

Dean, Barry B.Dean at liverpool.ac.uk
Thu Jun 5 13:10:02 CEST 2008


I have a problem with a realm configuration that used to work with FR 1.1.7, but does not work at all with 2.0.2 and virtual servers.

I have a virtual server defined in sites-available/janet-roaming thus:

server jrsradius {
        listen {
                ipaddr = jrsradius2.liv.ac.uk
                port = 0
                type = auth
        }
        listen {
                ipaddr = jrsradius2.liv.ac.uk
                port = 0
                type = acct
        }
        proxy_requests  = yes

        $INCLUDE jrs-proxy.conf

        $INCLUDE jrs-clients.conf

        authorize {
                preprocess
                chap
                mschap
                suffix
                eap {
                        ok = return
                }
                unix
                files
                ldap
                expiration
                logintime
                pap
        }

        authenticate {
                Auth-Type PAP {
                        pap
                }
                Auth-Type CHAP {
                        chap
                }
                Auth-Type MS-CHAP {
                        mschap
                }
                unix
                Auth-Type LDAP {
                        ldap
                }
                eap
        }

	 ... some stuff removed for brevity!
}

jrs-proxy.conf contains:

proxy server {
        default_fallback = no
        post_proxy_authorize = no
}

home_server localhost {
        type = auth
        ipaddr = 127.0.0.1
        port = 1812
        secret = testing123
        response_window = 20
        zombie_period = 40
        revive_interval = 120
        status_check = status-server
        check_interval = 30
        num_answers_to_alive = 3
}


realm LOCAL {
        #  If we do not specify a server pool, the realm is LOCAL, and
        #  requests are not proxied to it.
        type            = radius
        authhost        = LOCAL
        accthost        = LOCAL
}

realm NULL {
        type            = radius
        authhost        = LOCAL
        accthost        = LOCAL
}

realm liv.ac.uk {
        type            = radius
        authhost        = LOCAL
        accthost        = LOCAL
}

realm liverpool.ac.uk {
        type            = radius
        authhost        = LOCAL
        accthost        = LOCAL
}

(stuff for JENET NRPS servers removed)

But logging in as testuser at liverpool.ac.uk I get:

Thu Jun  5 11:57:21 2008 : Debug:     rlm_realm: Looking up realm "liverpool.ac.uk" for User-Name = "testuser at liverpool.ac.uk"
Thu Jun  5 11:57:21 2008 : Debug:     rlm_realm: No such realm "liverpool.ac.uk"

What have I done wrong in defining the realms for liv.ac.uk and liverpool.ac.uk?
Wrong place? Wrong syntax?

They are not mentioned during server startup with "-X and -xx" beyond:

Thu Jun  5 11:57:16 2008 : Debug: including configuration file /usr/radius/etc/raddb/sites-enabled/janet-roaming
Thu Jun  5 11:57:16 2008 : Debug: including configuration file /usr/radius/etc/raddb/jrs-proxy.conf

so is the config being ignored because it is wrong?

Thanks.

---------------
Barry Dean
Networks Team
Computing Services Department
Tel: 0151 794 5641 (x45641)






More information about the Freeradius-Users mailing list