Below is an example of how I run my central freeradius server. It is nothing
but a central point for proxy to other servers. ISP2 & ISP3 are customers
that we provide the RAS connections, but send AAA off to them to handle
their customers. I am ISP1 and send my users off to my other freeRADIUS
server. As obvious by my users file, I do handle this all by CLID.
Here is my boggle. We have just purchased ISP2 and need to integrate them
into our RADIUS. We are going to require them to add a domain to their login
([EMAIL PROTECTED]) so that we don't have duplicates to our current users
(their current dialup customers just use a username).
The problem is that ISP2 also does a bit of proxy for a satellite ISP based
on having a domain attached (@sat.newdomain.com). What would I add to my
users file to send any customer with @sat.newdomain.com in the username off
to a different realm, no matter what number they dialed?
*users*
DEFAULT Called-Station-Id == "1234567890", Proxy-To-Realm := "isp1"
DEFAULT Called-Station-Id == "1230987654", Proxy-To-Realm := "isp2"
DEFAULT Called-Station-Id == "1230009999", Proxy-To-Realm := "isp2"
DEFAULT Called-Station-Id == "1239991234", Proxy-To-Realm := "isp3"
*proxy.conf*
realm isp1 {
type = radius
authhost = 1.1.1.1:1812
accthost = 1.1.1.1:1813
secret = mydirtylittlesecret
nostrip
}
realm isp2 {
type = radius
authhost = 2.2.2.2:1645
accthost = 2.2.2.2:1646
secret = donttellanyone
}
realm isp3 {
type = radius
authhost = 3.3.3.3:1645
accthost = 3.3.3.3:1646
secret = youdontknow
nostrip
}
Anson Rinesmith
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
