Second stage authrization with proxy

Gianluca BaĆ¹ gluca.b at gmail.com
Tue May 30 11:07:03 CEST 2017


Hello,

i would like to forward authorization requests to another Freeradius server
if the user is not present in the local one.

The proxy configuration is ok, now i need to know how to tell the local
radius to forward the request **if user not found**.

In an old similar post (
http://freeradius.1045715.n5.nabble.com/Re-Local-Auth-if-Proxy-Auth-fails-OR-Proxy-Auth-if-Local-Auth-fails-td4879306.html)
Alan Dekok explains the way:

authorize {
   ......
if (!notfound) {
                update control {
                        Proxy-To-Realm := "newrealm"
                }
        }
    ......
}

For me this condition is never matched.
Without the if condition the request is correctly forwarded but even if the
user exists in local Freeradius server.

May you help me please? Do you need other technical details?

Cheers,

Gianluca


More information about the Freeradius-Users mailing list