Hello!

I need to configure freeradius as a proxy server only for users that 
ends in "@domain1.com". This users must be authenticated by its home 
server (external proxy) but users must received an ip address from my 
pool. (We give internet service to customer from another country with 
its dialup username , some kind of roaming service)


For the rest of users it should authenticate itself.

Then I have configured the following:

proxy.conf:

# Realm for domain1.com
realm domain1.com {
         type        = radius
         authhost    = radius.domain1.com:1812
         accthost    = radius.domain1.com:1813
         secret      = mysecret
         nostrip
}

radius.conf:

proxy_requests  = yes
$INCLUDE  ${confdir}/proxy.conf
modules{
.
.
.
        files {
                 usersfile = ${confdir}/users
     }

         realm suffix {
                 format = suffix
                 delimiter = "@"
                 ignore_default = no
                 ignore_null = yes
         }
.
.
.
}

authorize {
.
.
.
suffix
.
.
files
.
.
}

preacct {
.
.
suffix
.
.
files
}

pre-proxy {
files
}


Users:

DEFAULT Suffix="domain1.com",  Pool-Name := "mypoolDialup"
         Service-Type = Framed-User,
         Framed-Protocol = PPP,
         Service-Type = Framed-User,
         Framed-Routing  = Broadcast-Listen,
         Framed-Compression = Van-Jacobson-TCP-IP,
         Fall-Through = Yes


Is it correct?



- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to