Peter Nixon wrote: > On Tue 26 Sep 2006 11:55, Nicolas Baradakis wrote: > > > However, a proxy request is different, because it's a new outgoing > > packet. In this case, we don't force the source IP in FreeRADIUS and > > we shouldn't do so because the NAS and the realm server are possibly > > on a different network. (it depends on the local network configuration) > > > > The network configuration of the host is outside the scope of > > FreeRADIUS. The correct way to solve the problem is to fix the > > network routes on the host, so the outgoing requests have the > > desired source IP. > > Yes you are correct. Abviously I didn't read the thread in enough > depth. It does bring up the issue that we maybe should have an optional > proxy_source_ip config option..
I don't think it's a good idea, because all the realm servers may not be on the same network. IMHO FreeRADIUS doesn't have to cope with the network configuration of the host: it only has to set the destination IP, and the rest is handled by the kernel. -- Nicolas Baradakis - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
