merging two systems
BJulin at clarku.edu
Mon Jan 16 16:01:30 CET 2012
Blake Hudson [blake at ispn.net] writes:
> What is the preferred method to configure freeradius to authenticate two
> sets of users out of two databases? Should I look at running multiple
> instances of freeRADIUS or can I utilize both databases with one instance?
This should be doable by defining multiple named sql instances, then, based on
the criteria you use to separate sessions for the two services, invoke one or
the other of them by name appropriately. Basically look for every place in
the configs where the sql module is called, either as a directive, or inside a
string xlat, and you would have to multiplex each of those statements to
use the appropriate name (instead of "sql") in the appropriate case.
Also, multiple instances of FreeRADIUS are not hard to do, and can sometimes
be preferable is you would like to add a bit more partitioning from a security
perspective, but each will require its own port and/or IP address so your
NAS flexibility may play a part in that decision.
More information about the Freeradius-Users