>We got 2 problems when setting up a virtual server (testing.mydomain) to >handle requests for realm @testing.mydomain: > >1. we defined a new ldap server in modules/ldap and want to use it for >authorization/authentication of realm @testing.mydomain, but have no >idea how to use it since the ldap server defined in >sites-enabled/inner-tunnel is always used. Can we define another >inner-tunnel for this new virtual server? >
That new server should have a name. Replace ldap entry in inner-tunnel with name of theis new ldap instance. >2. seems authentication requests go through authorize section in >sites-enabled/default before proxying to virtual server >testing.mydomain. Can we skip this step or tell radiusd to go through >authorize section other than the default one? Probably not. What if the user is not from that realm? If all users from certain NAS are going to be from that realm you can use listen section to divert traffic to a certain virtual server. Read raddb/sites-available/README. Ivan Kalik Kalik Informatika ISP - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

