Are we in a bad mood?
> Date: Tue, 11 Oct 2011 08:46:28 +0200 > From: [email protected] > To: [email protected] > Subject: Re: Local Auth if Proxy Auth fails ---OR--- Proxy Auth if Local Auth > fails > > Яцко Эллад Геннадьевич (ngs) wrote: > > I am beginner in RADIUS. I guessed you talked about > > "sites-available/default" > > because Cisco does not use any realms when sends its packets to the RADIUS. > > I talked about realms because I wanted to talk about realms. > > > I think it's needed "expanding of my task boundaries" :-) I want to make > > Cisco > > devices authenticate users when ther enter the device via telnet/ssh. It > > would > > be three-stage procedure: > > - Windows DC if IAS (Microsoft RADIUS) is accessible; > > - if no - RADIUS local DB if it is accessible; > > - if no - Cisco's local DB (NAS local authentication). > > > > So If I correctly understood I need to use "authenticate" section. > > No. My example was correct. > > > But what is further I don't clearly imagine. I guess when Access-Request > > is incoming, > > RADIUS in accordance with suggested scheme must change realm of request and > > continue process packet with new conditions, is it right? > > No. My example was correct. > > > I must define new realm, for example "ias", and I must define > > home-server for it, > > do I? > > That's the only thing you got right. > > Alan DeKok. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
