Problems with my radrelay configuration?
Alan DeKok
aland at deployingradius.com
Tue Oct 11 17:04:16 CEST 2011
tonimanel wrote:
> Now, I have configured radiusd.conf with this code:
...
That should read from the detail file...
> And radrelay.conf with this code:
>
> listen {
...
> identity = radrelay
What's "identity" ?
I *always* get worried when people do things which aren't necessary.
It means that they haven't followed the existing documentation, or
understood it. It means that they're likely making random changes
without a clear understanding as to what's going on.
> # See also raddb/sites-available/copy-acct-to-home-server
> # for additional description.
> #
> preacct {
> #
> # Proxy the packet using the given realm.
> # Note that we do not use the realm for anything else such
> # as prefix/suffix stripping or comparisons.
> #
> update control {
> Proxy-To-Realm := "radrelay"
> }
OK... radrelay is supposed to proxy the packets.
> I get this output and server continueing without to write the detail file:
Uh... the configuration you showed above is for radrelay. You did
*not* tell the main radius server to use the "radrelay-detail" module.
Edit raddb/sites-available/default. Look for "accounting". In it,
look for "detail". Replace that with "radrelay-detail".
> root at debian:/etc/freeradius# clear; freeradius -X -n radrelay
Once again, radrelay *reads* the detail file.
Your comment above is that the server doesn't *write* the detail file.
Send accounting packets to the main FreeRADIUS server. It should
write them to the detail file. radrelay will read them from the detail
file.
I really don't know how to make that any simpler. I've said it a
number of times. You need to read the previous paragraph until you
understand it.
> The same output! What's happening?
The server is doing exactly what you told it to do, and exactly what I
said it would do.
Alan DeKok.
More information about the Freeradius-Users
mailing list