Re: Go to virtual server by nas-id
Markus Maurer
lists at v-net.tk
Tue Sep 3 08:58:02 CEST 2019
Am Montag, September 02, 2019 17:06 CEST, Alan DeKok <aland at deployingradius.com> schrieb:
> On Sep 2, 2019, at 2:56 AM, Markus Maurer <lists at v-net.tk> wrote:
> >
> > is there a way to forward radius-request, coming with a specified NAS-ID to a virtual server?
> >
> > e.g. Radius-request sends username "john", password "doe" and nas-id "foo". Radius-server detects the nas-id "foo" in the request and forwards it to the virtual_server "bar".
>
> The only way is to accept all packets in one virtual server via a normal socket, and then proxy it internal. You will need to set up a "home_server" which has a "virtual_server" set:
>
> * add virtual server "foo" in sites-enabled/foo
> configure it how you want, starting from a copy of the "default" virtual server
>
> * create a home_server_pool and home_server in proxy.conf
>
> home_server foo {
> virtual_server = foo
> }
>
> home_server_pool foo {
> home_server = foo
> }
>
> * tell it to proxy
>
> ...
> if (NAS-Identifier == "foo") {
> update control {
> Home-Server-Pool := "foo"
> }
> }
>
> It's a little convoluted, but it works.
>
> Alan DeKok.
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Hello Alan,
thank you very much!
The *tell to proxy part has to be in the authorize section, right?
Thx!
Best regards
More information about the Freeradius-Users
mailing list