On Wed, Jul 11, 2007 at 09:22:32AM +0200, Federico Giannici wrote:
> We have a working FreeRADIUS 1.1.4 running since a lot of months.
> Now we have to proxy the requests for a realm (gtenet.it) to a given
> RADIUS server, but our server seems to ignore the proxy configuration!
>
> I have set "proxy_requests = yes" and included the "proxy.conf" file
> (I'm sure of these, looked at the debug output).
>
> Here it is our "proxy.conf" file:
>
> proxy server {
> synchronous = no
> retry_delay = 5
> retry_count = 3
> dead_time = 120
> default_fallback = yes
> post_proxy_authorize = no
> }
> realm gtenet.it {
> type = radius
> authhost = 195.103.212.53:1645
> accthost = 195.103.212.53:1646
> secret = XXXXXXXXX
> }
>
> When a request for [EMAIL PROTECTED] is received, it goes through the
> authorization and then instead of being proxied it goes through
> authentication and obviously fail!
>
You need to uncomment the "suffix" module in the authorize section.
> Here it is the output of the server in debug mode:
>
> Jul 10 18:55:29 aragorn radiusd[23262]: Going to the next request
> Jul 10 18:55:29 aragorn radiusd[23262]: Waking up in 6 seconds...
> Jul 10 18:55:29 aragorn radiusd[23262]: rad_lowerpair: User-Name now
> '[EMAIL PROTECTED]'
> Jul 10 18:55:29 aragorn radiusd[23262]: rad_lowerpair: User-Password
> now 'XXXXXXXX'
> Jul 10 18:55:29 aragorn radiusd[23262]: rad_rmspace_pair: User-Name now
> '[EMAIL PROTECTED]'
> Jul 10 18:55:29 aragorn radiusd[23262]: rad_rmspace_pair: User-Password
> now 'XXXXXXXX'
> Jul 10 18:55:29 aragorn radiusd[23262]: Processing the authorize
> section of radiusd.conf
> Jul 10 18:55:29 aragorn radiusd[23262]: modcall: entering group
> authorize for request 72
> Jul 10 18:55:29 aragorn radiusd[23262]: modcall[authorize]: module
> "preprocess" returns ok for request 72
> Jul 10 18:55:29 aragorn radiusd[23262]: modcall[authorize]: module
> "nm" returns noop for request 72
^^^^^^^^^
I don't know this module. Have you named an instance of a known module
this way?
> Jul 10 18:55:29 aragorn radiusd[23262]: modcall[authorize]: module
> "chap" returns noop for request 72
> Jul 10 18:55:29 aragorn radiusd[23262]: modcall[authorize]: module
> "mschap" returns noop for request 72
> Jul 10 18:55:29 aragorn radiusd[23262]: rlm_pap: WARNING! No "known
> good" password found for the user. Authentication may fail because of this.
> Jul 10 18:55:29 aragorn radiusd[23262]: modcall[authorize]: module
> "pap" returns noop for request 72
> Jul 10 18:55:29 aragorn radiusd[23262]: modcall: leaving group authorize
> (returns ok) for request 72
> Jul 10 18:55:29 aragorn radiusd[23262]: auth: No authenticate method
> (Auth-Type) configuration found for the request: Rejecting the user
> Jul 10 18:55:29 aragorn radiusd[23262]: auth: Failed to validate the user.
>
> Any hints of what could be the problem?
>
>
> Thanks.
>
> --
> ___________________________________________________
> __
> |- [EMAIL PROTECTED]
> |ederico Giannici http://www.neomedia.it
> ___________________________________________________
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
