new to freeradius - proxy question

Paul A razor at meganet.net
Tue Oct 21 16:48:29 CEST 2008


Hoping someone can help me or point me in the right direction.

We currently are running a Livingston radius server that does realm and DNIS
proxying. For obvious reasons we want to replace this server with
freeradius.

My current setup is like this.

Livingston radius proxy - let's say it's 1.1.1.1, doing realm and DNIS proxy
- which works.

A freeradius destination server, 3.3.3.3, that handles usernames
with/without realms. Which works with the Livingston proxy server.

The new freeradius proxy server that currently only works with realms -
let's say its 2.2.2.2


How im testing:
In the old Livingston proxy I have this.

####3.3.3.3  somesecret                  5500            old

2.2.2.2  somesecret	5500            1812 1813


Here's the problem:

My ne freeradius proxy at 2.2.2.2 is doing realm and DNIS proxy but only
realm proxy is working. Although it seems like that server is sending all
radius packets to the destination server of 3.3.3.3
On this server I do have a DNIS entry on the acct_users file, like this:

DEFAULT Called-Station-Id == "5500", Proxy-To-Realm := "realm.net"
        Fall-Through = No


On Freeradius destination server I see start records for  users login in
with user at realm

 Oct 21 09:46:02 2008
        User-Name = "test"
        NAS-IP-Address = xx.xx.80.15
        Ascend-Owner-IP-Addr = 0.0.0.0
        NAS-Port = 751
        Ascend-NAS-Port-Format = 2_4_5_5
        NAS-Port-Type = Async
        Service-Type = Framed-User
        Acct-Status-Type = Start

But for users login in without a realm I notice a lot of stop records but
the curious thing is that I see some with Ascend-Disconnect-Cause =
PPP-PAP-Auth-Failed. So now im wondering if the proxy at 2.2.2.2 is doing
something to the packets leaving for 3.3.3.3 that's causing it to fail
without the realm at the destination server.


Any help would be appreciated. 

Thanks p.a





More information about the Freeradius-Users mailing list