On Wed, Jul 11, 2007 at 09:22:32AM +0200, Federico Giannici wrote: > We have a working FreeRADIUS 1.1.4 running since a lot of months. > Now we have to proxy the requests for a realm (gtenet.it) to a given > RADIUS server, but our server seems to ignore the proxy configuration! > > I have set "proxy_requests = yes" and included the "proxy.conf" file > (I'm sure of these, looked at the debug output). > > Here it is our "proxy.conf" file: > > proxy server { > synchronous = no > retry_delay = 5 > retry_count = 3 > dead_time = 120 > default_fallback = yes > post_proxy_authorize = no > } > realm gtenet.it { > type = radius > authhost = 195.103.212.53:1645 > accthost = 195.103.212.53:1646 > secret = XXXXXXXXX > } > > When a request for [EMAIL PROTECTED] is received, it goes through the > authorization and then instead of being proxied it goes through > authentication and obviously fail! >
You need to uncomment the "suffix" module in the authorize section. > Here it is the output of the server in debug mode: > > Jul 10 18:55:29 aragorn radiusd[23262]: Going to the next request > Jul 10 18:55:29 aragorn radiusd[23262]: Waking up in 6 seconds... > Jul 10 18:55:29 aragorn radiusd[23262]: rad_lowerpair: User-Name now > '[EMAIL PROTECTED]' > Jul 10 18:55:29 aragorn radiusd[23262]: rad_lowerpair: User-Password > now 'XXXXXXXX' > Jul 10 18:55:29 aragorn radiusd[23262]: rad_rmspace_pair: User-Name now > '[EMAIL PROTECTED]' > Jul 10 18:55:29 aragorn radiusd[23262]: rad_rmspace_pair: User-Password > now 'XXXXXXXX' > Jul 10 18:55:29 aragorn radiusd[23262]: Processing the authorize > section of radiusd.conf > Jul 10 18:55:29 aragorn radiusd[23262]: modcall: entering group > authorize for request 72 > Jul 10 18:55:29 aragorn radiusd[23262]: modcall[authorize]: module > "preprocess" returns ok for request 72 > Jul 10 18:55:29 aragorn radiusd[23262]: modcall[authorize]: module > "nm" returns noop for request 72 ^^^^^^^^^ I don't know this module. Have you named an instance of a known module this way? > Jul 10 18:55:29 aragorn radiusd[23262]: modcall[authorize]: module > "chap" returns noop for request 72 > Jul 10 18:55:29 aragorn radiusd[23262]: modcall[authorize]: module > "mschap" returns noop for request 72 > Jul 10 18:55:29 aragorn radiusd[23262]: rlm_pap: WARNING! No "known > good" password found for the user. Authentication may fail because of this. > Jul 10 18:55:29 aragorn radiusd[23262]: modcall[authorize]: module > "pap" returns noop for request 72 > Jul 10 18:55:29 aragorn radiusd[23262]: modcall: leaving group authorize > (returns ok) for request 72 > Jul 10 18:55:29 aragorn radiusd[23262]: auth: No authenticate method > (Auth-Type) configuration found for the request: Rejecting the user > Jul 10 18:55:29 aragorn radiusd[23262]: auth: Failed to validate the user. > > Any hints of what could be the problem? > > > Thanks. > > -- > ___________________________________________________ > __ > |- [EMAIL PROTECTED] > |ederico Giannici http://www.neomedia.it > ___________________________________________________ > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html