Proxy-To-Realm and Users File
Mike O'Connor
freeradius at pineview.net
Thu Aug 27 02:13:13 CEST 2009
Hi All
Using freeradius 2.1.4 the following works if I user the hints file.
DEFAULT Called-Station-Id == "splns357"
User-Name := "%{User-Name}@mb.webshield.net.au"
The user is proxied to the correct server and the user is correctly set.
I now need to proxy based on the User-Name which in this case will
always be a telephone number (Mobile Broadband SIM's)
I had added the following to the users file (which I hope to change to
the fast users later)
61466004163 Proxy-To-Realm := "mb.webshield.net.au"
User-Name := "%{User-Name}@mb.webshield.net.au"
This proxies the user to the next server but does not rewrite the
username, I've also tried a couple of other in this file but none seem
to work.
rad_recv: Access-Request packet from host 118.67.209.51 port 56036,
id=1, length=92
Framed-Protocol = PPP
User-Name = "61466004163"
User-Password = "password"
Calling-Station-Id = "61466004163"
Called-Station-Id = "splns357"
Service-Type = Framed-User
NAS-IP-Address = 118.67.208.51
+- entering group authorize {...}
++[preprocess] returns ok
[auth_log] expand:
/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d ->
/var/log/radius/radacct/118.67.209.51/auth-detail-20090827
[auth_log]
/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands
to /var/log/radius/radacct/118.67.209.51/auth-detail-20090827
[auth_log] expand: %t -> Thu Aug 27 09:40:24 2009
++[auth_log] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "61466004163", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
[files] users: Matched entry 61466004163 at line 1
[files] expand: %{User-Name}@mb.webshield.net.au ->
61466004163 at mb.webshield.net.au
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
2009-08-27T09:40:24.327336: Verbose: RLM_PYTHON: handling Authorize
request...
++[python] returns ok
+- entering group pre-proxy {...}
[attr_filter.pre-proxy] expand: %{Realm} -> mb.webshield.net.au
++[attr_filter.pre-proxy] returns noop
Sending Access-Request of id 250 to 118.67.209.21 port 1812
Framed-Protocol = PPP
User-Name = "61466004163"
User-Password = "password"
Calling-Station-Id = "61466004163"
Called-Station-Id = "splns357"
Service-Type = Framed-User
NAS-IP-Address = 118.67.208.51
Proxy-State = 0x31
Proxying request 0 to home server 118.67.209.21 port 1812
Sending Access-Request of id 250 to 118.67.209.21 port 1812
Framed-Protocol = PPP
User-Name = "61466004163"
User-Password = "password"
Calling-Station-Id = "61466004163"
Called-Station-Id = "splns357"
Service-Type = Framed-User
NAS-IP-Address = 118.67.208.51
Proxy-State = 0x31
Going to the next request
Waking up in 0.9 seconds.
Waking up in 13.0 seconds.
rad_recv: Access-Reject packet from host 118.67.209.21 port 1812,
id=250, length=23
Proxy-State = 0x31
Thanks All
Mike
More information about the Freeradius-Users
mailing list