Hello All, I am using FreeRadius-1.0.1. The client is 802.1x client on windows XP with PEAP. The authenticator is an HP 2524 switch (10.0.1.20 in the log file).
For me things are working fine with one radius server and AAA works pretty good and I can also check the simultaneous-use for a user. Now I am trying to use the same setup and introduce the proxy radius server (10.0.1.5 in the log file). The XP client sends the credentials to main radius server and based on the Realm (THESIS.COM in the log file), the request is proxied to another freeradius server (10.0.1.15) which does the actual authetication. Everything works fine upto this point. But then the problem is that the proxy radius server does not send any accounting information to the other radius server. Now it means that if there are multiple users trying to get connected using the same username/password, there is no way to restrict them until and Simultaneous-Use works and for this, Radisu server should have accounting information. Note that the proxy server has the accounting information and I can see the connected user (authenticated by the 2nd radius server) using radwho. Probably I am making some mistake somewhere which I cannot figure out after trying so many times. I will really appreciate any pointers in this regard. The log file is attached with the email as radiuslog. I added this line in the users file DEFAULT Proxy-To-Realm := "THESIS.COM" Following is the proxy.conf file for the proxy server proxy server { synchronous = yes retry_delay = 5 retry_count = 3 dead_time = 120 default_fallback = yes post_proxy_authorize = yes } realm LOCAL { type = radius authhost = LOCAL accthost = LOCAL } realm NULL { type = radius authhost = LOCAL accthost = LOCAL secret = testing123 } realm THESIS.COM { type = radius authhost = 10.0.1.15:1812 accthost = 10.0.1.15:1813 secret = testing123 } Best Regards Khurram __________________________________ Do you Yahoo!? Meet the all-new My Yahoo! - Try it today! http://my.yahoo.com
radiuslog
Description: radiuslog