[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Help-gnu-radius] About proxying (fwd)
From: |
Maurice Makaay |
Subject: |
Re: [Help-gnu-radius] About proxying (fwd) |
Date: |
Mon, 24 Nov 2003 11:16:01 +0100 |
Hi,
> And a little addition to previous message... Where do I define, which
> shared key the local Radius should use with the remote one?
This is done in the clients file.
> I don't know if I have understood everything correctly. Is it possible
> that I do some user-autentication on local Radius-server and forwad only
> part of the authentication-requests to remote Radius? Can I for example
> define which users are authenticated by local Radius and which with
> remote one? And if so, how is this done?
Realms are invented for this kind of stuff. Using realms it's very easy
to forward certain auth requests. If you define a realm for the users which
should be handled remotely, you can use the realms file to forward the
authentication requests. Example realms entry:
whatever <remoteradiushost>:<authport>:<acctport> nostrip
If you have this defined in your realms file and you login using the
username address@hidden, the authentication request will be proxied to
the defined remote radiushost. Take a look at the documentation to find
out the exact semantics of the realms file. In the example above, the
realm will not be stripped from the username, so the remote radius server
should be able to process the username including the realm.
Good luck!
-- Maurice Makaay