Need to auth all instead of proxy for 1 realm

Alan DeKok aland at deployingradius.com
Mon Jun 23 23:29:04 CEST 2014


azander wrote:
>   I am running FreeRadius 2.2.x (Working on upgrading to 3.x.x) but ran
> into a near emergency situation.  One of my customer's radius servers
> died.  I need to auth-all their customers, but not any of the other
> proxied radius users.  Is there a relatively simple way to do this?  I
> cannot seem to find it in the docs.

  The docs describe how the server works.  They don't describe how to
configure every possible setup.

  In this case, you can change their home_server to have a
virtual_server, instead of an IP address.  See raddb/proxy.conf for
documentation.

  Then, create a virtual server which does:

server accept_all {
	authorize {
		update control {
			Auth-Type := Accept
		}
	}

}

  And that should work.  If the end users are using PAP or CHAP.  If the
customers are using anything else, it won't work.  The home server will
need to be fixed if the end users are using EAP or MS-CHAP.

  Alan DeKok.


More information about the Freeradius-Users mailing list