FR 3.0: Fall back to proxy if SQL returns no result
Rens Houben
rhouben at systemec.nl
Tue Nov 13 16:14:21 CET 2018
Van: Freeradius-Users <freeradius-users-bounces+rhouben=systemec.nl at lists.freeradius.org> namens Alan DeKok <aland at deployingradius.com>
Verzonden: dinsdag 13 november 2018 15:31
Aan: FreeRadius users mailing list
Onderwerp: Re: FR 3.0: Fall back to proxy if SQL returns no result
On Nov 13, 2018, at 4:27 AM, Rens Houben via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> > I've managed to set up the proxies thanks to the example in proxy.conf and the documentation in https://wiki.freeradius.org/config/Proxy, but all the instructions for /using/ the proxy pool involve setting specific realms rather than fallback, and I'm not sure if I'm even using the right search terms.
> You can add a realm that isn't used anywhere else. e.g. "FALLBACK". Then, use that for proxying.
> If you're worried about people using it, just check for users logging in as the FALLBACK realm, and reject them.
> Then, do:
redundant {
sql
update control {
Proxy-To-Realm := "FALLBACK"
}
}
This didn't work:
server radius-test { # from file /etc/freeradius/3.0/sites-enabled/radius-test
# Loading authenticate {...}
# Loading authorize {...}
/etc/freeradius/3.0/sites-enabled/radius-test[179]: redundant sections cannot contain a "update" statement
/etc/freeradius/3.0/sites-enabled/radius-test[154]: Errors parsing authorize section.
> > Additionally, looking through the freeradius -X debug log I notice that while it does recognize the home_server stanzas I added to the virtual host, it does /not/ acknowledge the home_server_pool stanza in the same file. Have I missed something?
> The home_server and home_server_pool configuration blocks can appear in any file. They *can't* be used inside of a "server { ...}" section.
Gotcha. Moving them outside the server statement worked, the log recognizes them.
> Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list