Hi,
is it possible and what should I do to forward (proxy) a specified username (without realm) to the specified radius server?
I tried adding "" as the realm delimiter which didn't work. It would be simple solution to my problem.
Can I somehow specifiy proxy as user auth-type or similar if the above is not feasible?
I need this because first request during l2tp setup on Cisco 6400 is just a realm name (without @,%,/ or similar) as the username and I need to proxy (not localy) process that username.
###################################################
Log from 'radiusd -X':
Nothing to do. Sleeping until we see a request. rad_recv: Access-Request packet from host x.y.z.t::21645, id=155, length=124 User-Name = "mpls-vpdn" User-Password = "cisco" NAS-Port-Type = Virtual Cisco-NAS-Port = "8/0/0/127.36" NAS-Port = 2155806756 Connect-Info = "384/64" Service-Type = Outbound-User NAS-IP-Address = x.y.z.t Acct-Session-Id = "8/0/0/127.36_00000045" modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "chap" returns noop modcall[authorize]: module "mschap" returns noop rlm_realm: No '@' in User-Name = "mpls-vpdn", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop users: Matched DEFAULT at 155 modcall[authorize]: module "files" returns ok modcall: group authorize returns ok rad_check_password: Found Auth-Type System auth: type "System" modcall: entering group authenticate modcall[authenticate]: module "unix" returns notfound modcall: group authenticate returns notfound auth: Failed to validate the user.
###################################################
Thanks
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
