duplicate usernames across multiple NAS that belong to different users

Jonathan Davis jonathan at prioritycolo.com
Wed Sep 1 17:36:12 CEST 2021

On 2021-08-31 6:13 p.m., Alan DeKok wrote:
>    When you make the above changes, you effectively have 3 virtual servers:
> * default - packets from most clients go here
> * server1 - packets from NAS1 go here
> * server2 - packets from NAS2 go here
>    And you also have 2 SQL databases, with separate tables for each set of users.
>    The benefit of this approach is that you end up with pretty standard SQL schema, tables, etc.  You don't need to mangle the usernames, or edit the queries, or do anything special.  In fact, the two different SQL modules can continue to use the same queries!
>    Alan DeKok.

I prefer not mangling / editing / straying from the defaults of 
FreeRadius. Where I run into hesitation is with the numbers. The example 
of 2 is actually 12 devices, in addition to another 88 other devices + 
additional network and workstations we'd be adding. I can handle 
creating virtual servers for each, but creating that many sql modules 
seems unwise to do.

Can the SQL table used be set anywhere else? I'm still familiarizing 
myself with SQL and the authorize section, in that the queries only 
retrieve a known password for the user, which is authorized in the PAP 
or other module of the authorized section?

Having read the virtual servers documentation, I'm not clear on what 
settings are inherited (if any), from the default to virtual servers, 
and if virtual servers can extend other virtual servers?

Thank you,

More information about the Freeradius-Users mailing list