From: Frank W. <Fra...@ct...> - 2007-02-05 10:44:04
|
On Sunday 04 February 2007 15:38:07 Serge Leschinsky wrote: > Matthew, > > you are absolutely right! I felt I missed something important ! :-) > > So, it looks like it's able to use 1 pptpd for 2 MS AD with DL. > > The scheme is the following: poptop --> Free Radius (proxy mode for 2 > realms) --> MS IAS 1,2 > > http://wiki.freeradius.org/Proxy > > Frank, does it resolve you problem? > > -- > Serge > > Matthew Hattersley wrote: > > Surely you could set the Radius to proxy requests for the other domains > > to the other radius. That way there would only be one radius, but > > handling two domains. This is quite possible with a L2TP style setup, we > > have 1 Primary Radius clusters which proxies requests for multiple > > domains to several back end Radius servers. > > > > Cheers > > > > Mat > > Hi again, does anybody have a sample config for this? As I am _almost_ a complete=20 ignorant with radius, this could get me going.... Also,=20 as I just went about to boot a test DL machine in order to toy with this, I= =20 have noticed that in recent releases (11 and 12 at the least) have almost n= o=20 radius modules on board (only 4 mysql and postgres related ones... chap pap= =20 ldap etc are missing....) DL 1.2.9 had 76 rlm_... modules..... I guess this is not intentional, so I thought I'd mention it here Thanks =46rank =2E=20 > > -----Original Message----- > > From: dev...@li... > > [mailto:dev...@li...] On Behalf Of > > Serge Leschinsky > > Sent: 02 February 2007 16:30 > > To: dev...@li... > > Subject: Re: [Devil-Linux-discuss] [BULK] Re: Dual VPN Servers > > > > Serge Leschinsky wrote: > >>> Hmm, how will radius be different from samba/winbind? > >> > >> You can use login in user@realm form and set 2 radius servers. So, > >> only one IAS be able to authenticate user. If you define static address > >> ( Framed-IP-Address in radius terms) for remote users and tune > >> firewall, theoretically it should work. > > > > After some thinking I believe that it _would_ _not_ work because the > > first radius server will send "auth fail" and the second will not be > > queried. > > > > Sorry for confusing > > ------------------------------------------------------------------------- > Using Tomcat but need to do more? Need to support web services, security? > Get stuff done quickly with pre-integrated technology to make your job > easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache > Geronimo > http://sel.as-us.falkag.net/sel?cmd=3Dlnk&kid=3D120709&bid=3D263057&dat= =3D121642 > _______________________________________________ > Devil-linux-discuss mailing list > Dev...@li... > https://lists.sourceforge.net/lists/listinfo/devil-linux-discuss =2D-=20 _______________________________________________ Centre de Technologie de l'Education 29 avenue John F. Kennedy L-1855 Luxembourg-Kirchberg email: Fra...@ct... t=E9l.: +352 478-5973 fax: +352 333797 _______________________________________________ |