design question
Olivier Beytrison
olivier at heliosnet.org
Mon Mar 4 22:27:03 CET 2013
On 04.03.2013 22:17, Olivier Beytrison wrote:
> On 04.03.2013 21:56, Matt Zagrabelny wrote:
>> Greetings,
>>
>> I am configuring a general purpose RADIUS server that any number of
>> clients can connect to for authn - it uses a PostgreSQL DB as the
>> backend datastore. I would also like to setup a secondary RADIUS
>> server listening on a different port (ie. 1814) and use the same Pg DB
>> as a backend, but use a "restricted" view as the "users" table, then
>> configure devices (certain network gear) that wish to only allow users
>> in the "restricted" view to use that secondary RADIUS server and
>> corresponding port.
>
> You can use the same listen ports, but group clients (which mean NAS) in
> two groups, and assign a specific virtual server for each groups, with
> different policy, database lookup and such.
Just to add, I think you should define a virtual server with a default
virtual_server in the listen {} section, then for your specific NAS that
needs special policy/authn, simply specify a different virtual_server in
the client {} section
I also wanted to add that you'll find all the information you need here
http://wiki.freeradius.org/config/Virtual-server (but my @#°@¦§¬ mail
client sent the mail instead of pasting the link) :)
Olivier
More information about the Freeradius-Users
mailing list