Unitary testing of virtual servers on a proxy RADIUS

Nidhal Taleb n.taleb at me.com
Fri Jun 29 15:08:06 CEST 2018


OK, thank you very much

> You can't send just *one* user to a virtual server. 

Nidhal Taleb



> Le 29 juin 2018 à 13:56, Alan DeKok <aland at deployingradius.com> a écrit :
> 
> 
>> On Jun 29, 2018, at 5:43 AM, Nidhal Taleb <n.taleb at me.com> wrote:
>> We have a working freeradius server acting as a proxy for our customers. All customers go through the same clients pool. Clients as intended in /etc/freeradius/clients.
>> 
>> For some new need we need to change the behavior of our server for a certain type of requests - an existing realm must now be processed locally by the server and not as a proxy -. I thought about implementing this through the use of virtual servers. It works well in our testing environment but it’s time to test it in production.
>> 
>> The way I understand virtual servers is that they must be « declared » under the client configuration in the /etc/freeradius/clients file. 
> 
>  That's the way it works.
> 
>> The problem I am facing is that in doing so, I implement the change on all incoming authentication requests whereas I would have preferred to do so on a unique user just to be sure it would work in the production environment.
> 
>  You can't send just *one* user to a virtual server.  See raddb/sites-available/README for documentation on how virtual servers && clients work.
> 
>  Alan DeKok.
> 
> 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



More information about the Freeradius-Users mailing list