Hi, > Another quest for me is to encapsulate the configuration for eduroam > (including the users and proxy.conf(!)) into a complete independent > configuration to use the radius server for more than eduroam. > Unfortunately all tries to us a other file for users and proxy.conf only > in the eduroam virtual server was unsuccessful.
the proxy.conf entries are global - so you cannot have a single isolated way - you need to share the file. our current recipe is quite simple, in 'human readable' terms : is this user a local user? yes -> mark realm as local no -> mark realm as eduroam if realm = local then update the control proxy to local if realm = eduroam then update the control proxy to eduroam then, in proxy.conf have your eduroam config as a nice boilerplate. its okay - but I really really wouldnt want to drop such a configuration on top of someone elses server as, the joy of FreeRADIUS , is that people can do whtings in so many ways...and by defining realms and control lgoic you could/may break their internal logic, unlang etc. what we DO suggest is that sites have a virtual server for dealing with things that come from their national proxies - as the proxy would already have checked that the user is theirs etc - so you can skip lots of stuff and go straight to the authorization/authentication stages. alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
