I have two Freeradius servers, one of which authenticates MAC
addresses for wireless, the other [EMAIL PROTECTED] for some
other network access.
I'd like to combine the two of them into one server. If the username
comes through without a realm (a MAC address) I'd like it to check
the users file. If it comes through with a realm, just check LDAP. If
the MAC address fails, it should never ever check LDAP. That just
beats up the LDAP server and the LDAP admin yells (with good reason!).
Should I be looking to do this just in the radiusd.conf? Or should I
be attempting to mangle some kind of proxy arrangement? Would anyone
care to share any sample configs for such a thing? It looks to me
like there may be several ways to do this and I'd like to spend the
time building up the best method. Proxy? Autz-type?
I am running Freeradius 1.0.2 from Debian Sarge. I did some mailing
list archive searching but I just might be checking the wrong search
terms, as I'm not finding a good result.
Thanks for any suggestions.
j
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
