Preventing proxy loops

Alan DeKok aland at
Tue Sep 1 13:51:10 CEST 2020

On Sep 1, 2020, at 5:19 AM, Arnaud LAURIOU <arnaud.lauriou at> wrote:
> We have freeRADIUS proxies dedicated to eduroam, version 3.0.21.
> Some of our clients are sending us Access-Request ... with their realm.
> We forward them to their home_server


  The only packets you should get from Eduroam are ones for your realm.  All other packets should be rejected immediately.

	if (Realm != " {

  If they're sending packets for their realm to you, then you have no obligation to be polite.  Don't send the packets back.  Just reject them.

  Their users will complain that they can't get online.  They will then fix the issue.

  Alan DeKok.

More information about the Freeradius-Users mailing list