duplicate usernames across multiple NAS that belong to different users
Jonathan Davis
jonathan at prioritycolo.com
Wed Sep 1 17:36:12 CEST 2021
On 2021-08-31 6:13 p.m., Alan DeKok wrote:
> When you make the above changes, you effectively have 3 virtual servers:
>
> * default - packets from most clients go here
> * server1 - packets from NAS1 go here
> * server2 - packets from NAS2 go here
>
> And you also have 2 SQL databases, with separate tables for each set of users.
>
> The benefit of this approach is that you end up with pretty standard SQL schema, tables, etc. You don't need to mangle the usernames, or edit the queries, or do anything special. In fact, the two different SQL modules can continue to use the same queries!
>
> Alan DeKok.
I prefer not mangling / editing / straying from the defaults of
FreeRadius. Where I run into hesitation is with the numbers. The example
of 2 is actually 12 devices, in addition to another 88 other devices +
additional network and workstations we'd be adding. I can handle
creating virtual servers for each, but creating that many sql modules
seems unwise to do.
Can the SQL table used be set anywhere else? I'm still familiarizing
myself with SQL and the authorize section, in that the queries only
retrieve a known password for the user, which is authorized in the PAP
or other module of the authorized section?
Having read the virtual servers documentation, I'm not clear on what
settings are inherited (if any), from the default to virtual servers,
and if virtual servers can extend other virtual servers?
Thank you,
Jonathan
More information about the Freeradius-Users
mailing list