Q: Define realms per virtual server.

David Mitchell mitchell at ucar.edu
Mon Jun 10 19:26:08 CEST 2013


Greetings,

I'm hitting a situation where I would like to be able to define different realms in my virtual servers. Simply including realm definitions inside of the virtual servers doesn't work. It doesn't generate an error either, but the defined realm doesn't work.

server internal {
    realm DEFAULT {
        authhost = remote1.com
        accthost = remote1.com
        nostrip
    }
    listen {
        ipaddr = *
        port = 1814
        type = auth
    }
    listen {
        ipaddr = *
        port = 1815
        type = acct
    }
. . .
}

The 'realm' keyword is overloaded, being used both for the definitions of the delimiters and of the realms themselves. And while the former is loaded via a module syntax and can be loaded per-virtual-server (via suffix, ipass, etc.) I can't find any way to restrict the actual realm definitions to a virtual server. They are all global configuration loaded via proxy.conf. Is there some method I'm missing for making the realm definitions per-server? Thanks in advance,

-David Mitchell


-----------------------------------------------------------------
| David Mitchell (mitchell at ucar.edu)       Network Engineer IV  |
| Tel: (303) 497-1845                      National Center for  |
| FAX: (303) 497-1818                      Atmospheric Research |
-----------------------------------------------------------------





More information about the Freeradius-Users mailing list