Q: Define realms per virtual server.

David Mitchell mitchell at ucar.edu
Tue Jun 11 00:23:22 CEST 2013

On Jun 10, 2013, at 3:58 PM, Alan DeKok <aland at deployingradius.com> wrote:

>> I can't find any way to restrict the actual realm definitions to a virtual server. They are all global configuration loaded via proxy.conf.
>  They are global.

That's what I suspected. Thanks for confirming. In my case I have two virtual servers, one which handles a local staff SSID and one which handles our eduroam SSID. Defining a NULL domain for the local SSID virtual server has the unfortunate effect of allowing a NULL domain for eduroam virtual server as well.

I was able to achieve most of what I wanted by adding more checks in the virtual server authorize section of the eduroam server to double check for a NULL domain and force a reject.

>> Is there some method I'm missing for making the realm definitions per-server? Thanks in advance,
>  Source code modifications.

Always an option, but not necessarily the easiest. Thanks for the help,

-David Mitchell

>  Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

| David Mitchell (mitchell at ucar.edu)       Network Engineer IV  |
| Tel: (303) 497-1845                      National Center for  |
| FAX: (303) 497-1818                      Atmospheric Research |

More information about the Freeradius-Users mailing list