>1. How could I get a username/password authenticated against ldap >without its realm if there is one(i.e. cut away the realm @something.ca)?
ldap filter is set up to use Stripped_user_Name by default. If realm is defined this will work. If it's an unknown realm it won't be stripped. >I used Freeradius 2.0.5. We need this to see if: > * A user is a home user and log in from home NAS/AP (in this case he >may not use any realm at all) That works by default. > * or a user is a home user but log in from other colleage/university >and proxied home by our upper eduroam proxy server at the guest >college/university Configure your realm as a local realm in proxy.conf. > * or a user is a roaming user from other college/university and we >need to proxy the request to the upper eduroam radius server and finally >back to his home > college/university for authenticating. Use DEFAULT realm in proxy.conf to send users from unknown realms to "upper eduroam radius server". >2. How could I get the client IP addresses to fill the "framedipaddress" >field in the table raddacc? >I used mysql as my accounting DB and the client ip addresses assigned by >a dhcp server sitting in the LAN/VLAN. >Now the field "framedipaddress" or "client-ip_address" is empty. Your AP is most likely sending tha accounting Start packet before user gets the IP address assigned. Delay sending of the Start packet for a few seconds (if there is such a setting) or use accounting updates. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
