sending requests to a virtual server when behind a proxy
Louis Munro
lmunro at inverse.ca
Wed Jul 15 18:12:56 CEST 2015
Hello,
I have a set of servers behind two FreeRADIUS servers configured to proxy and load balance to a pool of backend FR servers (2.26 both on the load balancers and backend).
I would like to send some requests to a different virtual server on the backend to authenticate our VPN requests separately from the regular Wireless authentications.
I can set the virtual server in the client definition (on the backend servers) and that seems to work well but when the requests are proxied through the load-balancers the client is the proxying server and so my virtual server config is not applied.
I could alway send those requests to a virtual server listening on a different port on the backend, but I would like to avoid that if there is a way.
That just adds more complexity and ports to manage in firewall and such.
Am I missing something obvious?
I don’t think this could be done using dynamic clients since I can’t inspect the NAS-IP-Address there.
Any other way that someone can think of?
Your help is much appreciated,
--
Louis Munro
lmunro at inverse.ca :: www.inverse.ca
+1.514.447.4918 x125 :: +1 (866) 353-6153 x125
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence (www.packetfence.org)
More information about the Freeradius-Users
mailing list