proxy.conf (from v2 to v3) - edoroam - NRO - configurations - requested - regarding

P.Thirunavukkarasu drthiruna at tanuvas.org.in
Sun Jun 20 21:15:34 CEST 2021 

Hi all,

Greetings.

I configured the FreeRADIUS 3 (Centos 7) with G Suite LDAP for our
University.

I need to configure the eduroam for our University.

Our domain name is *tanuvas.org.in <http://tanuvas.org.in/>*

Our NRO gave the proxy configuration as follows. As far as I understand,
the NRO’s configuration is in FreeRADIUS version 2. We requested the NRO to
provide the details of one more server for fail-over.



*------------------------------------------------------------------------*

*realm tanuvas.org.in <http://tanuvas.org.in/> {*

*authhost  = LOCAL*

*}*



*realm DEFAULT {*

* authhost= flr1.eduroam.ernet.in <http://flr1.eduroam.ernet.in/>*

*secret = <<secret>>*

*nostrip*

*}*

-----------------------------------------------------------------

I wish to configure the above in FreeRADIUS version 3. My configuration of
proxy.conf as follows



*#Proxy Server Configuration*

proxy server {

        retry_delay = 5

        retry_count = 3

        default_fallback = no

        dead_time = 120

        wake_all_if_all_dead = no

 }

------------------------------------------------------------------------------------------------

*#Home Server Configuration*

home_server flr1.eduroam.ernet.in {

        ipaddr = 144.16.140.190

        port = 1812

        type = "auth"

        secret = <<< secret >>>

        response_window = 20.000000

        response_timeouts = 1

        max_outstanding = 65536

        zombie_period = 40

        status_check = "status-server"

        ping_interval = 30

        check_interval = 30

        check_timeout = 4

        num_answers_to_alive = 3

        revive_interval = 120

  limit {

        max_connections = 16

        max_requests = 0

        lifetime = 0

        idle_timeout = 0

  }

  coa {

        irt = 2

        mrt = 16

        mrc = 5

        mrd = 30

  }

 }

*------------------------------------------------------------------------------------------*

*#Home Server pool Configuration*

 home_server_pool EDUROAM {

        type = fail-over

        home_server = flr1.eduroam.ernet.in

 }

*-----------------------------------------------------------------------------------*

*# realm configuration*

 realm tanuvas.org.in {

        auth_pool = LOCAL

 }



realm DEFAULT {

        auth_pool = EDUROAM

        nostrip

 }



------------------------------------------------------------------

The questions are,

1.       As I understand, the home server means the eduroam servers of NRO.
Hence, I configured the home server and home server pool as above.

2.       Are the above proxy and realm config correct or not?

3.       Our domain name is tanuvas.org.in. I configured the realm as LOCAL

4.       Realm DEFAULT points to the Home Server Pool EDUROAM. Is it correct

5.       Mention the corrections required in the proxy.conf

6.       Is it necessary to configure the realms NULL and LOCAL





(We are having two more domains named tanuvas.ac.in and tanuvas.edu.in)

Best Regards,
*Thirunavukkarasu*

More information about the Freeradius-Users mailing list