Use Hint file to proxy
Difan Zhao
difan.zhao at guest-tek.com
Wed Mar 2 17:00:32 CET 2011
Hi experts,
Long time no talk!
I have another dilemma. For some reasons I want to try to use the hints file to do Proxy (the normal way of configuring realm and proxy.conf file works). So the following is my config:
=============== hints ===================
DEFAULT User-Name =~ "^host\/.*\.gtcorp\.com$"
Hint = "Marriott"
=============== users ===================
DEFAULT Hint == "Marriott", Proxy-To-Realm := "~\.gtcorp\.com$"
=============== proxy.conf ===================
....
realm "~\.gtcorp\.com$" {
nostrip
auth_pool = Marriott_Auth_Pool
acct_pool = Marriott_Acct_Pool
}
============== module/realm ================
realm Marriott {
format = suffix
delimiter = "/"
}
Then I commented out the "Marriott" realm in the "authorize" section in the default server so the settings in the "realm" file shouldn't do anything.
============= sites-available/default ==============
authorize {
...
# Marriott
...
}
In the radius -X log I do see the requests are sent to the proxy server but I also see the following abnormal logs. The complete log is also attached.
[eap] No pre-existing handler found
...
rlm_eap: No EAP session matching the State variable.
[eap] Either EAP-request timed out OR EAP-response to an unknown EAP-request
[eap] Failed in handler
++[eap] returns invalid
Failed to authenticate the user.
So is it possible to use the hints file to do proxy or I'm totally out of my mind?? If it's possible where I could do wrong?
Thanks a lot!
[cid:image002.gif at 01CBD8B8.490E09F0]Difan Zhao M.Eng | CCNA CCNP CCSP | Network Engineer
T: 403-509-1010 ext 3048 | M: 403-689-7514 | F: 403.509.1011
difan.zhao at guest-tek.com<mailto:difan.zhao at guest-tek.com> | www.guest-tek.com<http://www.guest-tek.com>
The contents of this email are confidential and intended for the recipient only. If you have received this email in error, please notify us, and destroy all copies.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110302/ef5a112d/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.gif
Type: image/gif
Size: 3741 bytes
Desc: image001.gif
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110302/ef5a112d/attachment.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.gif
Type: image/gif
Size: 2716 bytes
Desc: image002.gif
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110302/ef5a112d/attachment-0001.gif>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: radius -X.txt
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110302/ef5a112d/attachment.txt>
More information about the Freeradius-Users
mailing list