Hi... My proxy setup seems to have a problem. I used the NULL realm option for testing purposes. It looks like this
realm NULL { type = radius authhost = 200.200.230.136:1812 accthost = 200.200.230.136:1813 secret = amin } when I send User information using Python radius testing tools, the forwarding server send the access request to the remote server, then the remote server sent the access accept back to the forwarding server..but in the forwarding server debug mode it looks like this.... -------------------------------------------------- ad_recv: Access-Request packet from host 200.200.230.135:2071, id=197, length=43 User-Name = "omi" User-Password = "omi" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 1 modcall[authorize]: module "preprocess" returns ok for request 1 modcall[authorize]: module "chap" returns noop for request 1 modcall[authorize]: module "mschap" returns noop for request 1 rlm_realm: No '@' in User-Name = "omi", looking up realm NULL rlm_realm: Found realm "NULL" rlm_realm: Adding Stripped-User-Name = "omi" rlm_realm: Proxying request from user omi to realm NULL rlm_realm: Adding Realm = "NULL" rlm_realm: Preparing to proxy authentication request to realm "NULL" modcall[authorize]: module "suffix" returns updated for request 1 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 1 radius_xlat: 'omi' rlm_sql (sql): sql_set_user escaped user --> 'omi' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'omi' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 3 rlm_sql (sql): User omi not found in radcheck radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'omi' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'omi' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): User omi not found in radgroupcheck rlm_sql (sql): User not found rlm_sql (sql): Released sql socket id: 3 modcall[authorize]: module "sql" returns notfound for request 1 modcall: group authorize returns updated for request 1 Sending Access-Request of id 1 to 200.200.230.136:1812 User-Name = "omi" User-Password = "omi" NAS-IP-Address = 200.200.230.135 Proxy-State = 0x313937 --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 200.200.230.135:2071, id=197, length=43 Ignoring duplicate packet from client 200.200.230.135:2071 - ID: 197, due to outstanding proxied request 1. --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Re-sending Access-Request of id 1 to 200.200.230.136:1812 User-Name = "omi" User-Password = "]=\222\006\353\003=q\262]\315\335\302o*\237" NAS-IP-Address = 200.200.230.135 Client-IP-Address = 200.200.230.135 Stripped-User-Name = "omi" Realm = "NULL" Realm = "NULL" Proxy-State = 0x313937 Waking up in 5 seconds... rad_recv: Access-Request packet from host 200.200.230.135:2071, id=197, length=43 Ignoring duplicate packet from client 200.200.230.135:2071 - ID: 197, due to outstanding proxied request 1. --- Walking the entire request list --- Waking up in 1 seconds... --- Walking the entire request list --- Re-sending Access-Request of id 1 to 200.200.230.136:1812 User-Name = "omi" User-Password = "]=\222\006\353\003=q\262]\315\335\302o*\237" NAS-IP-Address = 200.200.230.135 Client-IP-Address = 200.200.230.135 Stripped-User-Name = "omi" Realm = "NULL" Realm = "NULL" Proxy-State = 0x313937 Waking up in 5 seconds... --- Walking the entire request list --- Server rejecting request 1. marking authentication server 200.200.230.136:1812 for realm NULL dead Waking up in 0 seconds... --- Walking the entire request list --- Sending Access-Reject of id 197 to 200.200.230.135:2071 Cleaning up request 1 ID 197 with timestamp 41cce718 Nothing to do. Sleeping until we see a request. --------------------------------------------------- The client as the result dont get any response from the forwarding server. The client of the forwarding server are not being authenticated at all. Why is that happen? I just want to make a simple setup for the realm /proxy function. Can someone guide me how to setup and test the simple configuration? Another thing is, when I try the realm IP {---}, in the debug mode it still looking for the realm NULL, and at the end no proxy request being processed. Do I need to change the ignore null in radiusd.conf? I confused about how the realm process is done here..but i'm trying..Just need some guide. Thanks __________________________________ Do you Yahoo!? All your favorites on one personal page – Try My Yahoo! http://my.yahoo.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html