On 03/25/2011 09:45 PM, Robert Roll wrote:
Note that in the above the Realm is quite useful, but there is NO need to
actually do proxy, so really no "REAL" need to get into the proxy.conf ?
This is a good reason to use unlang rather than realm. "realm" is
designed for proxying, always gets it list of realms from "proxy.conf"
and sets the control:Proxy-To-Realm attribute.
You also may not realise that user@undefined realm will set:
Stripped-User-Name = use
Realm = DEFAULT
i.e. the Realm value does *not* preserve the text after the @.
Your original problem (crazy loop) occurred because the DEFAULT realm
you defined in proxy.conf was pointing somewhere else - probably back at
the very same radius server, resulting in an infinite loop.
HTH
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
