Re: [Devil-Linux-discuss] Dual VPN Servers

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi again,

and thanks for the reply...

The Realm stuff is OK, I forgot to show you this one. (I had toyed with a N=
ULL=20
realm too, but realm detection works... when I use fw...@is..., freeradi=
us=20
tries to contact the other server (10.0.0.3)

testradius:~# radtest fw...@ct... blabla 127.0.0.1 1812 testing1=
23
Sending Access-Request of id 75 to 127.0.0.1:1812
        User-Name =3D "fw...@ct..."
        User-Password =3D "blabla"
        NAS-IP-Address =3D testradius
        NAS-Port =3D 1812
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=3D75, length=3D=
70
        Framed-Protocol =3D PPP
        Service-Type =3D Framed-User
        Framed-IP-Address =3D 172.16.0.111
        Class =3D 0x357004300000013700010a00000201c74b86aecf547b00000000000=
00005

my proxy.conf looks like this:

=2D--8<---
proxy server {
        synchronous =3D no
        retry_delay =3D 5
        retry_count =3D 3
        dead_time =3D 120
        default_fallback =3D yes
        post_proxy_authorize =3D yes
}

realm NULL {
        type            =3D radius
        authhost        =3D 10.0.0.3:1812
        accthost        =3D 10.0.0.3:1813
        secret          =3D testing123
}

realm cte-admin.cte.lu  {
        type            =3D radius
        authhost        =3D 10.0.0.2:1812
        accthost        =3D 10.0.0.2:1813
        secret          =3D testing123
}

realm isp2.com {
        type        =3D radius
        authhost    =3D 10.0.0.3:1812
        accthost    =3D 10.0.0.3:1813
        secret      =3D TheirKey
}

realm LOCAL {
        type            =3D radius
        authhost        =3D LOCAL
        accthost        =3D LOCAL
}

=2D--8<---
This is the suffix part form radiusd.conf:
=2D--8<---
realm suffix {
                format =3D suffix
                delimiter =3D "@"
                ignore_default =3D no
                ignore_null =3D no=20
       }
=2D--8<---

On Thursday 08 February 2007 15:46:57 Serge Leschinsky wrote:
> Hi Frank,
>
> Probably the root cause is in the realm syntax.
>
> Allowed realm formats are:
>
>  username@realm
>  realm/username
>  username%realm
>  realm\username
>
> The realm syntax  is defined via the realm module config in radiusd.conf
>
> When you use radtest, your request is processed by config section with
> realm NULL ( try the execute the following:
> radtest fweis@realm whatever 127.0.0.1 1812  testing123 )
>
>
> So, I believe the problem is in the proxy.conf. May I ask you to show me
> the file? And, may be realm module from radiusd.conf...
>
> PS. Try to run freeradius as "radiusd -x".
>
>

=2D-=20
_______________________________________________
 Centre de Technologie de l'Education
 29 avenue John F. Kennedy
 L-1855 Luxembourg-Kirchberg
 email: Fra...@ct...
 t=E9l.: +352 478-5973
 fax: +352 333797
 _______________________________________________