forward authentication, but take reply attributes from local db
Vld
ponch at ponch.ru
Thu Apr 16 14:42:14 CEST 2015
Thanks, Alan!
its amazing, how flexible freeradius is)
В Wed, 15 Apr 2015 11:15:26 -0400
Alan DeKok <aland at deployingradius.com> пишет:
> On Apr 15, 2015, at 10:57 AM, Vld <ponch at ponch.ru> wrote:
> > Lets say i have primary radius server with users in file. And i also
> > have secondary one, with the same users (logins and passwords are
> > the same).
>
> OK.
>
> > How do i forward/proxy access-request from primary to secondary and
> > in case it sends back access-accept to primary - it takes user
> > attributes from local database (of primary). No just return to NAS
> > what secondary gave me, but rewrite it according to local config.
>
> You can re-write attributes in the post-proxy stage. That's what
> it's for.
>
> By default, the server uses the reply from the home server as the
> reply to the NAS. If you want that changed, you'll need to change
> configuration.
>
> Put the reply attributes into the post-proxy section, that should
> work.
>
> > The main goal of secondary - just either accept or reject user.
> >
> > is it even possible?
>
> Yes.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list