Hello All, I am using FreeRadius-1.0.1. The client is 802.1x client on windows XP with PEAP. The authenticator is an HP 2524 switch (10.0.1.20 in the log file).
For me things are working fine with one radius server
and
AAA works pretty good and I can also check the
simultaneous-use for a user.
Now I am trying to use the same setup and introduce
the proxy radius server (10.0.1.5 in the log file).
The XP client sends the credentials to main radius
server and based on the Realm (THESIS.COM in the log
file), the request is proxied to another
freeradius server (10.0.1.15) which does the actual
authetication.
Everything works fine upto this point. But then the
problem is that the proxy radius server does not send
any accounting information to the other radius server.
Now it means that if there are multiple users trying
to get connected using the same username/password,
there is no way to restrict them until and
Simultaneous-Use works and for this, Radisu server
should have accounting information. Note that the
proxy server has the accounting information and I can
see the connected user (authenticated by the 2nd
radius server) using radwho.
Probably I am making some mistake somewhere which I
cannot figure out after trying so many times. I will
really appreciate any pointers in this regard.
The log file is attached with the email as radiuslog.
I added this line in the users file
DEFAULT Proxy-To-Realm := "THESIS.COM"
Following is the proxy.conf file for the proxy server
proxy server {
synchronous = yes
retry_delay = 5
retry_count = 3
dead_time = 120
default_fallback = yes
post_proxy_authorize = yes
}
realm LOCAL {
type = radius
authhost = LOCAL
accthost = LOCAL
}
realm NULL {
type = radius
authhost = LOCAL
accthost = LOCAL
secret = testing123
}
realm THESIS.COM {
type = radius
authhost = 10.0.1.15:1812
accthost = 10.0.1.15:1813
secret = testing123
}
Best Regards
Khurram
__________________________________
Do you Yahoo!?
Meet the all-new My Yahoo! - Try it today!
http://my.yahoo.com
radiuslog
Description: radiuslog
