(RADIATOR) Different Realm Authentication with Radiator RAIUS
Hugh Irvine
hugh at open.com.au
Wed Nov 7 19:47:35 CST 2001
Hello Anuj -
At 12:48 +0530 01/11/7, Anuj wrote:
>Hi,
>We have Radiator RADIUS running here in production for our ISP dialup
>customers.
>This RADIUS is primarily being used for following services:
>1. Dialup customers from our own NAS (Realm hecl.com and Realm oneconnect).
>2. Dialup customers from our ISP partner's NAS. Our Radius and our ISP
>Partner's Radius are configured as a client (Realm hecl.com)
>
>When we receive the request from hecl realm users (either from our NAS or
>from our ISP Partner's Radius) it is getting authenticated and the Realm
>@hecl is being stripped off by the help of RewriteUsername attribute.
>These users are getting authenticated.
>
>When we receive the request from oneconnect realm users (only from our
>NAS), we don't want to strip off Realm as the user database contains Realm
>along with Username attribute, therefore I have commented the
>RewriteUsername attribute in radius.cfg. These users are not getting
>authenticated, because when we see the log file the username is not
>accompanied with the Realm.
>
>I tried to attach the Radius.cfg and Trace 4 Logfile but the message
>exceeded the 400 character mark, please advise how can I send these
>files..
>
>The main aim of oneconnect Realm is to send Realm details along with
>Username for authentication and at the same time we don't want hecl Realm
>to accompany the Username.
I will need to see the configuration file. You can just cut and paste
it into a mail message and I will take a look at it.
From what you descibe however, it sounds like you need to have
different RewriteUsername statements in the different Realms, instead
of using a global RewriteUsername.
regards
Hugh
--
NB: I am travelling this week, so there may be delays in our correspondence.
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, Interbiller, TACACS+, PAM, external, etc, etc.
Available on Unix, Linux, FreeBSD, Windows 95/98/2000, NT, MacOS X.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20011108/f7e749e4/attachment.html>
More information about the radiator
mailing list