I'm playing with an idea to try to hide realm information from users,
basically so I
can do things without having to change to much on their end. The setup is
this:
NAS -> radius1 (freeradius) -> radius2 (safeword)
At the moment I have it so if you login as [EMAIL PROTECTED] into the NAS,
radius1 will
proxy the authentication request to radius2. This works like a champ.
I'd like to be able to drop the @sybase.com for people dialing into the
NAS, but still be
able to proxy them to radius2.
Something like this on radius1
if (from NAS and NAS-Port-Type == Async)
proxy to radius2
else
system authentication locally
I was trying to think of a way of doing this in huntgroups. I know that I
can do something like
this in huntgroups:
NAS NAS-IP-Address == xx.xx.xx.xx, NAS-Port-Type == Async
User-Name = user
But I don't know if I can use the variable substitution to add something to
user, that being
@sybase.com so that after the preprocess step the username is really
[EMAIL PROTECTED]
If this can't currently be handled, any suggestions where to start trying
to add this?
-jason
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
