On Mon, Mar 4, 2013 at 3:27 PM, Olivier Beytrison <[email protected]> wrote: > On 04.03.2013 22:17, Olivier Beytrison wrote: >> >> On 04.03.2013 21:56, Matt Zagrabelny wrote: >>> >>> Greetings, >>> >>> I am configuring a general purpose RADIUS server that any number of >>> clients can connect to for authn - it uses a PostgreSQL DB as the >>> backend datastore. I would also like to setup a secondary RADIUS >>> server listening on a different port (ie. 1814) and use the same Pg DB >>> as a backend, but use a "restricted" view as the "users" table, then >>> configure devices (certain network gear) that wish to only allow users >>> in the "restricted" view to use that secondary RADIUS server and >>> corresponding port. >> >> >> You can use the same listen ports, but group clients (which mean NAS) in >> two groups, and assign a specific virtual server for each groups, with >> different policy, database lookup and such. > > > Just to add, I think you should define a virtual server with a default > virtual_server in the listen {} section, then for your specific NAS that > needs special policy/authn, simply specify a different virtual_server in the > client {} section > > I also wanted to add that you'll find all the information you need here > http://wiki.freeradius.org/config/Virtual-server (but my @#°@¦§¬ mail client > sent the mail instead of pasting the link) :)
Hi Olivier, Thanks for the replies. I'll start digesting that wiki page soon*. I'm not sure if Debian patched the 2.1.10 line to take care of any grievous bugs, but if we start hitting them, we may need to upgrade. FWIW, we were/are running 1.1.0 on Solaris, so we'll be excited to have the new bugs to deal with. :) Cheers, -mz - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
