I've try below at the end of authorize section
if (control:Auth-Type := "EAP") {
update control {
{
Proxy-To-Realm == "xyz.com"
}
realm xyz.com {
type = radius
authhost = 123.123.123.1:1812
accthost = 123.123.123.1:1813
secret = password
nostrip
}
}
if (control:Auth-Type := "PAP") {
update control {
{
Proxy-To-Realm == "xyz.com"
}
realm xyz.com {
type = radius
authhost = 123.123.123.2:1812
accthost = 123.123.123.2:1813
secret = password
nostrip
}
}
Got error while startup the freeradius
Error: /etc/freeradius/sites-enabled/default[212]: ERROR: No value given for
attribute {
Error: /etc/freeradius/sites-enabled/default[211]: Failed to parse "update"
subsection.
Error: /etc/freeradius/sites-enabled/default[62]: Errors parsing authorize
section.
What is my mistake?
Thanks
KH
----- Original Message ----
From: Alan Buxey <[email protected]>
To: FreeRadius users mailing list <[email protected]>
Sent: Fri, December 18, 2009 4:22:39 AM
Subject: Re: proxy same realm but different authentication protocol to
different server
Hi,
> Am I possible to do these?
>
> 1. proxy realm xyz.com (PAP/CHAP) to server#1
>
> 2. proxy realm xyz.com (PEAP) to server#2
yes, in many varied ways.... you could doa check of Auth-Type
at the end of the authorise section..and then if realm = xyz.com
update the control to proxy to server1 it its PAP or CHAP
or if its EAP then proxy it to server2
alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
