1.1.7 to 2.0.2 config for Realms problem
Dean, Barry
B.Dean at liverpool.ac.uk
Thu Jun 5 13:10:02 CEST 2008
I have a problem with a realm configuration that used to work with FR 1.1.7, but does not work at all with 2.0.2 and virtual servers.
I have a virtual server defined in sites-available/janet-roaming thus:
server jrsradius {
listen {
ipaddr = jrsradius2.liv.ac.uk
port = 0
type = auth
}
listen {
ipaddr = jrsradius2.liv.ac.uk
port = 0
type = acct
}
proxy_requests = yes
$INCLUDE jrs-proxy.conf
$INCLUDE jrs-clients.conf
authorize {
preprocess
chap
mschap
suffix
eap {
ok = return
}
unix
files
ldap
expiration
logintime
pap
}
authenticate {
Auth-Type PAP {
pap
}
Auth-Type CHAP {
chap
}
Auth-Type MS-CHAP {
mschap
}
unix
Auth-Type LDAP {
ldap
}
eap
}
... some stuff removed for brevity!
}
jrs-proxy.conf contains:
proxy server {
default_fallback = no
post_proxy_authorize = no
}
home_server localhost {
type = auth
ipaddr = 127.0.0.1
port = 1812
secret = testing123
response_window = 20
zombie_period = 40
revive_interval = 120
status_check = status-server
check_interval = 30
num_answers_to_alive = 3
}
realm LOCAL {
# If we do not specify a server pool, the realm is LOCAL, and
# requests are not proxied to it.
type = radius
authhost = LOCAL
accthost = LOCAL
}
realm NULL {
type = radius
authhost = LOCAL
accthost = LOCAL
}
realm liv.ac.uk {
type = radius
authhost = LOCAL
accthost = LOCAL
}
realm liverpool.ac.uk {
type = radius
authhost = LOCAL
accthost = LOCAL
}
(stuff for JENET NRPS servers removed)
But logging in as testuser at liverpool.ac.uk I get:
Thu Jun 5 11:57:21 2008 : Debug: rlm_realm: Looking up realm "liverpool.ac.uk" for User-Name = "testuser at liverpool.ac.uk"
Thu Jun 5 11:57:21 2008 : Debug: rlm_realm: No such realm "liverpool.ac.uk"
What have I done wrong in defining the realms for liv.ac.uk and liverpool.ac.uk?
Wrong place? Wrong syntax?
They are not mentioned during server startup with "-X and -xx" beyond:
Thu Jun 5 11:57:16 2008 : Debug: including configuration file /usr/radius/etc/raddb/sites-enabled/janet-roaming
Thu Jun 5 11:57:16 2008 : Debug: including configuration file /usr/radius/etc/raddb/jrs-proxy.conf
so is the config being ignored because it is wrong?
Thanks.
---------------
Barry Dean
Networks Team
Computing Services Department
Tel: 0151 794 5641 (x45641)
More information about the Freeradius-Users
mailing list