add attribute when proxying

denis den.zinevich at gmail.com
Thu Jun 29 17:33:36 CEST 2017


Thanks for info, as it usually happens in life - figured out just after
asking. Attributes 1000-1199 are never sent, was not obvious though...
Just for experiment I picked random (and unused in my case) +/- suitable
attr from rfc list - Connect-Info, and ​it worked fine.
I know that I can't invent attr, it must be in dictionary, this is clear
from docs. It took time to understand why Tmp-String is not sent.

Business case itself if:
I have lots of servers configured exactly same way, they run vpn daemons,
which in turn use radius.
each of that servers has property - "premium" which defines if client can
or can't connect to specific server
So my idea is to pass 1/0 flag in any suitable attribute, and home/main
freeradius server in turn will pass that to script which performs auth,
this way main server will know to which one user is connecting.


More information about the Freeradius-Users mailing list