Go to virtual server by nas-id

Alan DeKok aland at deployingradius.com
Mon Sep 2 17:06:25 CEST 2019

On Sep 2, 2019, at 2:56 AM, Markus Maurer <lists at v-net.tk> wrote:
> is there a way to forward radius-request, coming with a specified NAS-ID to a virtual server?
> e.g. Radius-request sends username "john", password "doe" and nas-id "foo". Radius-server detects the nas-id "foo" in the request and forwards it to the virtual_server "bar".

  The only way is to accept all packets in one virtual server via a normal socket, and then proxy it internal.  You will need to set up a "home_server" which has a "virtual_server" set:

* add virtual server "foo" in sites-enabled/foo
  configure it how you want, starting from a copy of the "default" virtual server

* create a home_server_pool and home_server in proxy.conf

home_server foo {
	virtual_server = foo

home_server_pool foo {
	home_server = foo

* tell it to proxy

	if (NAS-Identifier == "foo") {
		update control {
			Home-Server-Pool := "foo"

  It's a little convoluted, but it works.

  Alan DeKok.

More information about the Freeradius-Users mailing list