Re: (RADIATOR) AuthBy Policy behavior is not taking place when AuthBy Radius is used.

Thu, 08 Aug 2002 14:24:41 -0700 


Salut Julien -

You are correct, you cannot use a normal AuthByPolicy with AuthBy RADIUS 
clauses. This is because the AuthBy RADIUS clause operates 
asynchronously and it always returns IGNORE immediately after it has 
forwarded the request to the proxy target (subject to the following 
parameters).

You can control the behaviour of the AuthBy RADIUS clause by using the 
following parameters:

        NoForwardAuthentication
        IgnoreAuthentication
        NoForwardAccounting
        IgnoreAccounting
        IgnoreAccountingResponse

In your case you would use IgnoreAuthentication and 
IgnoreAccountingResponse.

Have a look at section 6.29 in the Radiator reference manual 
("doc/ref.html").

regards

Hugh


On Friday, August 9, 2002, at 02:51 AM, <[EMAIL PROTECTED]> 
wrote:

> Hi,
>
> I have found that AuthBy Policy behavior is not taking place when 
> AuthBy Radius is used.
>
>
> In this exemple my radius server will send 3 reply to the NAS for every 
> Accounting-Request he receive, 1 for each <AuthBy Radius> and one for 
> <AuthBy INTERNAL>
> even if I use   "AuthByPolicy anything else" .
>
> <Realm TST>
>       <AuthBy GROUP>
>                       AuthByPolicy    anything else
>                       <AuthBy RADIUS>
>                               NoForwardAuthentication
>                               Host 111.111.111.111
>                               Secret 1111
>                               AcctPort 1646
>                               Retries 1
>                               RetryTimeout 2
>                       </AuthBy>
>                       <AuthBy RADIUS>
>                               NoForwardAuthentication
>                               Host 222.222.222.222
>                               Secret 2222
>                               AcctPort 1646
>                               Retries 1
>                               RetryTimeout 2
>                       </AuthBy>
>                       <AuthBy INTERNAL>
>                       Identifier FullReply
>                       AuthResult                      ACCEPT
>                       AcctStartResult                 ACCEPT
>                       AcctStopResult                  ACCEPT
>                       </AuthBy>               
>       </AuthBy>
> </Realm>
>
>
> ***************** AuthBy Radius In your documentation ******************
> If and when the remote radius server replies to us, we will forward the 
> reply back to the client that originally sent the request to us.
>
> ***************** AuthBy Policy In your documentation ******************
> anything else  Always do every authentication method. Returns the 
> result of the last one.
>
> My question, is there a way to control the behavior of the reply in 
> AuthBy Radius ?
>
>
> Julien Chavanton
>
>
>
>
>
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on [EMAIL PROTECTED]
To unsubscribe, email '[EMAIL PROTECTED]' with
'unsubscribe radiator' in the body of the message.

Reply via email to